summaryrefslogtreecommitdiffstats
path: root/docs-xml/smbdotconf/security/renameuserscript.xml
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
commit4f5791ebd03eaec1c7da0865a383175b05102712 (patch)
tree8ce7b00f7a76baa386372422adebbe64510812d4 /docs-xml/smbdotconf/security/renameuserscript.xml
parentInitial commit. (diff)
downloadsamba-upstream.tar.xz
samba-upstream.zip
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'docs-xml/smbdotconf/security/renameuserscript.xml')
-rw-r--r--docs-xml/smbdotconf/security/renameuserscript.xml33
1 files changed, 33 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/renameuserscript.xml b/docs-xml/smbdotconf/security/renameuserscript.xml
new file mode 100644
index 0000000..2bfbea4
--- /dev/null
+++ b/docs-xml/smbdotconf/security/renameuserscript.xml
@@ -0,0 +1,33 @@
+<samba:parameter name="rename user script"
+ context="G"
+ type="string"
+ substitution="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>
+ This is the full pathname to a script that will be run as root by <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> under special circumstances described below.
+ </para>
+
+ <para>
+ When a user with admin authority or SeAddUserPrivilege rights renames a user (e.g.: from the NT4 User Manager
+ for Domains), this script will be run to rename the POSIX user. Two variables, <literal>%uold</literal> and
+ <literal>%unew</literal>, will be substituted with the old and new usernames, respectively. The script should
+ return 0 upon successful completion, and nonzero otherwise.
+ </para>
+
+ <note><para>
+ The script has all responsibility to rename all the necessary data that is accessible in this posix method.
+ This can mean different requirements for different backends. The tdbsam and smbpasswd backends will take care
+ of the contents of their respective files, so the script is responsible only for changing the POSIX username, and
+ other data that may required for your circumstances, such as home directory. Please also consider whether or
+ not you need to rename the actual home directories themselves. The ldapsam backend will not make any changes,
+ because of the potential issues with renaming the LDAP naming attribute. In this case the script is
+ responsible for changing the attribute that samba uses (uid) for locating users, as well as any data that
+ needs to change for other applications using the same directory.
+ </para></note>
+
+</description>
+
+<value type="default"></value>
+</samba:parameter>