| 1 | <samba:parameter name="add user script"
|
|---|
| 2 | context="G"
|
|---|
| 3 | type="string"
|
|---|
| 4 | advanced="1" developer="1"
|
|---|
| 5 | xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|---|
| 6 | <description>
|
|---|
| 7 | <para>
|
|---|
| 8 | This is the full pathname to a script that will be run <emphasis>AS ROOT</emphasis> by
|
|---|
| 9 | <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
|
|---|
| 10 | under special circumstances described below.
|
|---|
| 11 | </para>
|
|---|
| 12 |
|
|---|
| 13 | <para>
|
|---|
| 14 | Normally, a Samba server requires that UNIX users are created for all users accessing
|
|---|
| 15 | files on this server. For sites that use Windows NT account databases as their primary
|
|---|
| 16 | user database creating these users and keeping the user list in sync with the Windows
|
|---|
| 17 | NT PDC is an onerous task. This option allows smbd to create the required UNIX users
|
|---|
| 18 | <emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.
|
|---|
| 19 | </para>
|
|---|
| 20 |
|
|---|
| 21 | <para>
|
|---|
| 22 | In order to use this option, <citerefentry><refentrytitle>smbd</refentrytitle>
|
|---|
| 23 | <manvolnum>8</manvolnum></citerefentry> must <emphasis>NOT</emphasis> be set to
|
|---|
| 24 | <smbconfoption name="security">share</smbconfoption> and <smbconfoption name="add user script"/>
|
|---|
| 25 | must be set to a full pathname for a script that will create a UNIX user given one argument of
|
|---|
| 26 | <parameter moreinfo="none">%u</parameter>, which expands into the UNIX user name to create.
|
|---|
| 27 | </para>
|
|---|
| 28 |
|
|---|
| 29 | <para>
|
|---|
| 30 | When the Windows user attempts to access the Samba server, at login (session setup in
|
|---|
| 31 | the SMB protocol) time, <citerefentry><refentrytitle>smbd</refentrytitle>
|
|---|
| 32 | <manvolnum>8</manvolnum></citerefentry> contacts the <smbconfoption name="password server"/>
|
|---|
| 33 | and attempts to authenticate the given user with the given password. If the authentication
|
|---|
| 34 | succeeds then <command moreinfo="none">smbd</command> attempts to find a UNIX user in the UNIX
|
|---|
| 35 | password database to map the Windows user into. If this lookup fails, and
|
|---|
| 36 | <smbconfoption name="add user script"/> is set then <command moreinfo="none">smbd</command> will
|
|---|
| 37 | call the specified script <emphasis>AS ROOT</emphasis>, expanding any
|
|---|
| 38 | <parameter moreinfo="none">%u</parameter> argument to be the user name to create.
|
|---|
| 39 | </para>
|
|---|
| 40 |
|
|---|
| 41 | <para>
|
|---|
| 42 | If this script successfully creates the user then <command moreinfo="none">smbd</command> will
|
|---|
| 43 | continue on as though the UNIX user already existed. In this way, UNIX users are dynamically created to
|
|---|
| 44 | match existing Windows NT accounts.
|
|---|
| 45 | </para>
|
|---|
| 46 |
|
|---|
| 47 | <para>
|
|---|
| 48 | See also <smbconfoption name="security"/>, <smbconfoption name="password server"/>,
|
|---|
| 49 | <smbconfoption name="delete user script"/>.
|
|---|
| 50 | </para>
|
|---|
| 51 | </description>
|
|---|
| 52 |
|
|---|
| 53 | <value type="default"/>
|
|---|
| 54 | <value type="example">/usr/local/samba/bin/add_user %u</value>
|
|---|
| 55 | </samba:parameter>
|
|---|
