1
<samba:parameter name="passwd chat"
4
advanced="1" developer="1"
5
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
7
<para>This string controls the <emphasis>"chat"</emphasis>
8
conversation that takes places between <citerefentry><refentrytitle>smbd</refentrytitle>
9
<manvolnum>8</manvolnum></citerefentry> and the local password changing
10
program to change the user's password. The string describes a
11
sequence of response-receive pairs that <citerefentry><refentrytitle>smbd</refentrytitle>
12
<manvolnum>8</manvolnum></citerefentry> uses to determine what to send to the
13
<smbconfoption name="passwd program"/> and what to expect back. If the expected output is not
14
received then the password is not changed.</para>
16
<para>This chat sequence is often quite site specific, depending
17
on what local methods are used for password control (such as NIS
20
<para>Note that this parameter only is used if the <smbconfoption
21
name="unix password sync"/> parameter is set to <constant>yes</constant>. This sequence is
22
then called <emphasis>AS ROOT</emphasis> when the SMB password in the
23
smbpasswd file is being changed, without access to the old password
24
cleartext. This means that root must be able to reset the user's password without
25
knowing the text of the previous password. In the presence of
26
NIS/YP, this means that the <smbconfoption name="passwd program"/> must
27
be executed on the NIS master.
30
<para>The string can contain the macro <parameter
31
moreinfo="none">%n</parameter> which is substituted
32
for the new password. The old passsword (<parameter
33
moreinfo="none">%o</parameter>) is only available when
34
<smbconfoption name="encrypt passwords"/> has been disabled.
35
The chat sequence can also contain the standard macros
36
\n, \r, \t and \s to give line-feed, carriage-return, tab
37
and space. The chat sequence string can also contain
38
a '*' which matches any sequence of characters. Double quotes can
39
be used to collect strings with spaces in them into a single
42
<para>If the send string in any part of the chat sequence is a full
43
stop ".", then no string is sent. Similarly, if the
44
expect string is a full stop then no string is expected.</para>
46
<para>If the <smbconfoption name="pam password change"/> parameter is set to <constant>yes</constant>, the
47
chat pairs may be matched in any order, and success is determined by the PAM result, not any particular
48
output. The \n macro is ignored for PAM conversions.
53
<related>unix password sync</related>
54
<related>passwd program</related>
55
<related>passwd chat debug</related>
56
<related>pam password change</related>
58
<value type="default">*new*password* %n\n*new*password* %n\n *changed*</value>
59
<value type="example">"*Enter NEW password*" %n\n "*Reenter NEW password*" %n\n "*Password changed*"</value>