salt.modules.pdbedit
Manage accounts in Samba's passdb using pdbedit
salt.modules.pdbedit.create(login, password, password_hashed=False, machine_account=False)
-
Create user account
- login : string
- login name
- password : string
- password
- password_hashed : boolean
- set if password is a nt hash instead of plain text
- machine_account : boolean
- set to create a machine trust account instead
CLI Example:
salt '*' pdbedit.create zoe 9764951149F84E770889011E1DC4A927 nthash
salt '*' pdbedit.create river 1sw4ll0w3d4bug
salt.modules.pdbedit.delete(login)
-
Delete user account
- login : string
- login name
CLI Example:
salt '*' pdbedit.delete wash
salt.modules.pdbedit.generate_nt_hash(password)
-
Generate a NT HASH
CLI Example:
salt '*' pdbedit.generate_nt_hash my_passwd
salt.modules.pdbedit.get_user(login, hashes=False)
-
Get user account details
- login : string
- login name
- hashes : boolean
- include NTHASH and LMHASH in verbose output
CLI Example:
salt '*' pdbedit.get kaylee
salt.modules.pdbedit.list_users(verbose=True, hashes=False)
-
List user accounts
- verbose : boolean
- return all information
- hashes : boolean
- include NT HASH and LM HASH in verbose output
CLI Example:
salt '*' pdbedit.list
salt.modules.pdbedit.modify(login, password=None, password_hashed=False, domain=None, profile=None, script=None, drive=None, homedir=None, fullname=None, account_desc=None, account_control=None, machine_sid=None, user_sid=None, reset_login_hours=False, reset_bad_password_count=False)
-
Modify user account
- login : string
- login name
- password : string
- password
- password_hashed : boolean
- set if password is a nt hash instead of plain text
- domain : string
- users domain
- profile : string
- profile path
- script : string
- logon script
- drive : string
- home drive
- homedir : string
- home directory
- fullname : string
- full name
- account_desc : string
- account description
- machine_sid : string
- specify the machines new primary group SID or rid
- user_sid : string
- specify the users new primary group SID or rid
- account_control : string
-
specify user account control properties
Note
Only the following can be set: - N: No password required - D: Account disabled - H: Home directory required - L: Automatic Locking - X: Password does not expire
- reset_login_hours : boolean
- reset the users allowed logon hours
- reset_bad_password_count : boolean
- reset the stored bad login counter
Note
if user is absent and password is provided, the user will be created
CLI Example:
salt '*' pdbedit.modify inara fullname='Inara Serra'
salt '*' pdbedit.modify simon password=r1v3r
salt '*' pdbedit.modify jane drive='V:' homedir='\\serenity\jane\profile'
salt '*' pdbedit.modify mal account_control=NX