* passwd.c (usage): Change description for -d option according to

	previous change.
	(main): Fix typo.
	* utils.sgml: Add missing description for passwd -d option.

3 files changed, 29 insertions, 5 deletions

diff --git a/winsup/utils/ChangeLog b/winsup/utils/ChangeLog
index 31b18e5e0..a40e905e8 100644
--- a/winsup/utils/ChangeLog
+++ b/winsup/utils/ChangeLog
@@ -1,5 +1,12 @@
 2009-03-23  Corinna Vinschen  <corinna@vinschen.de>
 
+	* passwd.c (usage): Change description for -d option according to
+	previous change.
+	(main): Fix typo.
+	* utils.sgml: Add missing description for passwd -d option.
+
+2009-03-23  Corinna Vinschen  <corinna@vinschen.de>
+
 	* passwd.c (caller_is_admin): New function to test if calling user
 	is an administrator by inspecting user token.
 	(main): Drop fetching caller info from logonserver.  Only fetch
diff --git a/winsup/utils/passwd.c b/winsup/utils/passwd.c
index 3616848ab..3ea91a4e5 100644
--- a/winsup/utils/passwd.c
+++ b/winsup/utils/passwd.c
@@ -280,7 +280,9 @@ usage (FILE * stream, int status)
   "\n"
   "Other options:\n"
   "  -d, --logonserver SERVER connect to SERVER (e.g. domain controller).\n"
-  "                           default server is the content of $LOGONSERVER.\n"
+  "                           Default server is the local system, unless\n"
+  "                           changing the current user, in which case the\n"
+  "                           default is the content of $LOGONSERVER.\n"
   "  -S, --status             display password status for USER (locked, expired,\n"
   "                           etc.) plus global system password settings.\n"
   "  -h, --help               output usage information and exit.\n"
@@ -571,7 +573,7 @@ main (int argc, char **argv)
   strcpy (user, optind >= argc ? getlogin () : argv[optind]);
 
   /* Changing password for calling user?  Use logonserver for user as well. */
-  if (!server && optind < argc)
+  if (!server && optind >= argc)
     {
       myself = 1;
       if ((logonserver = getenv ("LOGONSERVER")))
diff --git a/winsup/utils/utils.sgml b/winsup/utils/utils.sgml
index f2db2ee44..cffaa9d8b 100644
--- a/winsup/utils/utils.sgml
+++ b/winsup/utils/utils.sgml
@@ -919,6 +919,10 @@ System operations:
   -L, --length LEN         set system minimum password length to LEN.
 
 Other options:
+  -d, --logonserver SERVER connect to SERVER (e.g. domain controller).
+                           Default server is the local system, unless
+                           changing the current user, in which case the
+                           default is the content of $LOGONSERVER.
   -S, --status             display password status for USER (locked, expired,
                            etc.) plus global system password settings.
   -h, --help               output usage information and exit.
@@ -996,10 +1000,21 @@ to <emphasis>LEN</emphasis> characters.  Allowed values for the minimum
 password length are 0 to 14.  In any of the above cases, a value of 0
 means `no restrictions'.</para>
 
+<para>
+All operations affecting the current user are by default run against
+the logon server of the current user (taken from the environment
+variable <envar>LOGONSERVER</envar>.  When password or account information
+of other users should be changed, the default server is the local system.
+To change a user account on a remote machine, use the <literal>-d</literal>
+option to specify the machine to run the command against.  Note that the
+current user must be a valid member of the administrators group on the remote
+machine to perform such actions.
+</para>
+
 <para>Users can use the <command>passwd -R</command> to enter
-a password which then gets stored in a special area of the registry,
-which is also used by Windows to store passwords of accounts running
-Windows services.  When a privileged Cygwin application calls the
+a password which then gets stored in a special area of the registry on the
+local system, which is also used by Windows to store passwords of accounts
+running Windows services.  When a privileged Cygwin application calls the
 <command>set{e}uid(user_id)</command> system call, Cygwin checks if a
 password for that user has been stored in this registry area.  If so, it
 uses this password to switch to this user account using that password.