mirror of
https://github.com/samba-team/samba.git
synced 2024-12-31 17:18:04 +03:00
1591 lines
40 KiB
XML
1591 lines
40 KiB
XML
<?xml version="1.0" encoding="iso-8859-1"?>
|
|
<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
|
|
<refentry id="net.8">
|
|
|
|
<refmeta>
|
|
<refentrytitle>net</refentrytitle>
|
|
<manvolnum>8</manvolnum>
|
|
<refmiscinfo class="source">Samba</refmiscinfo>
|
|
<refmiscinfo class="manual">System Administration tools</refmiscinfo>
|
|
<refmiscinfo class="version">3.2</refmiscinfo>
|
|
</refmeta>
|
|
|
|
|
|
<refnamediv>
|
|
<refname>net</refname>
|
|
<refpurpose>Tool for administration of Samba and remote
|
|
CIFS servers.
|
|
</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv>
|
|
<cmdsynopsis>
|
|
<command>net</command>
|
|
<arg choice="req"><ads|rap|rpc></arg>
|
|
<arg choice="opt">-h</arg>
|
|
<arg choice="opt">-w workgroup</arg>
|
|
<arg choice="opt">-W myworkgroup</arg>
|
|
<arg choice="opt">-U user</arg>
|
|
<arg choice="opt">-I ip-address</arg>
|
|
<arg choice="opt">-p port</arg>
|
|
<arg choice="opt">-n myname</arg>
|
|
<arg choice="opt">-s conffile</arg>
|
|
<arg choice="opt">-S server</arg>
|
|
<arg choice="opt">-l</arg>
|
|
<arg choice="opt">-P</arg>
|
|
<arg choice="opt">-d debuglevel</arg>
|
|
<arg choice="opt">-V</arg>
|
|
</cmdsynopsis>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1>
|
|
<title>DESCRIPTION</title>
|
|
|
|
<para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
|
|
<manvolnum>7</manvolnum></citerefentry> suite.</para>
|
|
|
|
<para>The Samba net utility is meant to work just like the net utility
|
|
available for windows and DOS. The first argument should be used
|
|
to specify the protocol to use when executing a certain command.
|
|
ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3)
|
|
clients and RPC can be used for NT4 and Windows 2000. If this
|
|
argument is omitted, net will try to determine it automatically.
|
|
Not all commands are available on all protocols.
|
|
</para>
|
|
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>OPTIONS</title>
|
|
|
|
<variablelist>
|
|
&stdarg.help;
|
|
|
|
<varlistentry>
|
|
<term>-w target-workgroup</term>
|
|
<listitem><para>
|
|
Sets target workgroup or domain. You have to specify
|
|
either this option or the IP address or the name of a server.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-W workgroup</term>
|
|
<listitem><para>
|
|
Sets client workgroup or domain
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-U user</term>
|
|
<listitem><para>
|
|
User name to use
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-I ip-address</term>
|
|
<listitem><para>
|
|
IP address of target server to use. You have to
|
|
specify either this option or a target workgroup or
|
|
a target server.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-p port</term>
|
|
<listitem><para>
|
|
Port on the target server to connect to (usually 139 or 445).
|
|
Defaults to trying 445 first, then 139.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
&stdarg.netbios.name;
|
|
&stdarg.configfile;
|
|
|
|
<varlistentry>
|
|
<term>-S server</term>
|
|
<listitem><para>
|
|
Name of target server. You should specify either
|
|
this option or a target workgroup or a target IP address.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-l</term>
|
|
<listitem><para>
|
|
When listing data, give more information on each item.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-P</term>
|
|
<listitem><para>
|
|
Make queries to the external server using the machine account of the local server.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
&stdarg.server.debug;
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>COMMANDS</title>
|
|
|
|
<refsect2>
|
|
<title>CHANGESECRETPW</title>
|
|
|
|
<para>This command allows the Samba machine account password to be set from an external application
|
|
to a machine account password that has already been stored in Active Directory. DO NOT USE this command
|
|
unless you know exactly what you are doing. The use of this command requires that the force flag (-f)
|
|
be used also. There will be NO command prompt. Whatever information is piped into stdin, either by
|
|
typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use
|
|
this without care and attention as it will overwrite a legitimate machine password without warning.
|
|
YOU HAVE BEEN WARNED.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>TIME</title>
|
|
|
|
<para>The <command>NET TIME</command> command allows you to view the time on a remote server
|
|
or synchronise the time on the local server with the time on the remote server.</para>
|
|
|
|
<refsect3>
|
|
<title>TIME</title>
|
|
|
|
<para>Without any options, the <command>NET TIME</command> command
|
|
displays the time on the remote server.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>TIME SYSTEM</title>
|
|
|
|
<para>Displays the time on the remote server in a format ready for <command>/bin/date</command>.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>TIME SET</title>
|
|
<para>Tries to set the date and time of the local server to that on
|
|
the remote server using <command>/bin/date</command>. </para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>TIME ZONE</title>
|
|
|
|
<para>Displays the timezone in hours from GMT on the remote computer.</para>
|
|
|
|
</refsect3>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</title>
|
|
|
|
<para>
|
|
Join a domain. If the account already exists on the server, and
|
|
[TYPE] is MEMBER, the machine will attempt to join automatically.
|
|
(Assuming that the machine has been created in server manager)
|
|
Otherwise, a password will be prompted for, and a new account may
|
|
be created.</para>
|
|
|
|
<para>
|
|
[TYPE] may be PDC, BDC or MEMBER to specify the type of server
|
|
joining the domain.
|
|
</para>
|
|
|
|
<para>
|
|
[UPN] (ADS only) set the principalname attribute during the join. The default
|
|
format is host/netbiosname@REALM.
|
|
</para>
|
|
|
|
<para>
|
|
[OU] (ADS only) Precreate the computer account in a specific OU. The
|
|
OU string reads from top to bottom without RDNs, and is delimited by
|
|
a '/'. Please note that '\' is used for escape by both the shell
|
|
and ldap, so it may need to be doubled or quadrupled to pass through,
|
|
and it is not used as a delimiter.
|
|
</para>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC] OLDJOIN [options]</title>
|
|
|
|
<para>Join a domain. Use the OLDJOIN option to join the domain
|
|
using the old style of domain joining - you need to create a trust
|
|
account in server manager first.</para>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC|ADS] USER</title>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] USER</title>
|
|
|
|
<para>List all users</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] USER DELETE <replaceable>target</replaceable></title>
|
|
|
|
<para>Delete specified user</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] USER INFO <replaceable>target</replaceable></title>
|
|
|
|
<para>List the domain groups of the specified user.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] USER RENAME <replaceable>oldname</replaceable> <replaceable>newname</replaceable></title>
|
|
|
|
<para>Rename specified user.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] USER ADD <replaceable>name</replaceable> [password] [-F user flags] [-C comment]</title>
|
|
|
|
<para>Add specified user.</para>
|
|
</refsect3>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC|ADS] GROUP</title>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] GROUP [misc options] [targets]</title>
|
|
<para>List user groups.</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] GROUP DELETE <replaceable>name</replaceable> [misc. options]</title>
|
|
|
|
<para>Delete specified group.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|ADS] GROUP ADD <replaceable>name</replaceable> [-C comment]</title>
|
|
|
|
<para>Create specified group.</para>
|
|
|
|
</refsect3>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RAP|RPC] SHARE</title>
|
|
|
|
<refsect3>
|
|
<title>[RAP|RPC] SHARE [misc. options] [targets]</title>
|
|
|
|
<para>Enumerates all exported resources (network shares) on target server.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RAP|RPC] SHARE ADD <replaceable>name=serverpath</replaceable> [-C comment] [-M maxusers] [targets]</title>
|
|
|
|
<para>Adds a share from a server (makes the export active). Maxusers
|
|
specifies the number of users that can be connected to the
|
|
share simultaneously.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>SHARE DELETE <replaceable>sharename</replaceable></title>
|
|
|
|
<para>Delete specified share.</para>
|
|
</refsect3>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC|RAP] FILE</title>
|
|
|
|
<refsect3>
|
|
<title>[RPC|RAP] FILE</title>
|
|
|
|
<para>List all open files on remote server.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|RAP] FILE CLOSE <replaceable>fileid</replaceable></title>
|
|
|
|
<para>Close file with specified <replaceable>fileid</replaceable> on
|
|
remote server.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RPC|RAP] FILE INFO <replaceable>fileid</replaceable></title>
|
|
|
|
<para>
|
|
Print information on specified <replaceable>fileid</replaceable>.
|
|
Currently listed are: file-id, username, locks, path, permissions.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>[RAP|RPC] FILE USER <replaceable>user</replaceable></title>
|
|
|
|
<para>
|
|
List files opened by specified <replaceable>user</replaceable>.
|
|
Please note that <command>net rap file user</command> does not work
|
|
against Samba servers.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SESSION</title>
|
|
|
|
<refsect3>
|
|
<title>RAP SESSION</title>
|
|
|
|
<para>Without any other options, SESSION enumerates all active SMB/CIFS
|
|
sessions on the target server.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RAP SESSION DELETE|CLOSE <replaceable>CLIENT_NAME</replaceable></title>
|
|
|
|
<para>Close the specified sessions.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RAP SESSION INFO <replaceable>CLIENT_NAME</replaceable></title>
|
|
|
|
<para>Give a list with all the open files in specified session.</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP SERVER <replaceable>DOMAIN</replaceable></title>
|
|
|
|
<para>List all servers in specified domain or workgroup. Defaults
|
|
to local domain.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP DOMAIN</title>
|
|
|
|
<para>Lists all domains and workgroups visible on the
|
|
current network.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP PRINTQ</title>
|
|
|
|
<refsect3>
|
|
<title>RAP PRINTQ LIST <replaceable>QUEUE_NAME</replaceable></title>
|
|
|
|
<para>Lists the specified print queue and print jobs on the server.
|
|
If the <replaceable>QUEUE_NAME</replaceable> is omitted, all
|
|
queues are listed.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RAP PRINTQ DELETE <replaceable>JOBID</replaceable></title>
|
|
|
|
<para>Delete job with specified id.</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP VALIDATE <replaceable>user</replaceable> [<replaceable>password</replaceable>]</title>
|
|
|
|
<para>
|
|
Validate whether the specified user can log in to the
|
|
remote server. If the password is not specified on the commandline, it
|
|
will be prompted.
|
|
</para>
|
|
|
|
¬.implemented;
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP GROUPMEMBER</title>
|
|
|
|
<refsect3>
|
|
<title>RAP GROUPMEMBER LIST <replaceable>GROUP</replaceable></title>
|
|
|
|
<para>List all members of the specified group.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RAP GROUPMEMBER DELETE <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title>
|
|
|
|
<para>Delete member from group.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RAP GROUPMEMBER ADD <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title>
|
|
|
|
<para>Add member to group.</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP ADMIN <replaceable>command</replaceable></title>
|
|
|
|
<para>Execute the specified <replaceable>command</replaceable> on
|
|
the remote server. Only works with OS/2 servers.
|
|
</para>
|
|
|
|
¬.implemented;
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP SERVICE</title>
|
|
|
|
<refsect3>
|
|
<title>RAP SERVICE START <replaceable>NAME</replaceable> [arguments...]</title>
|
|
|
|
<para>Start the specified service on the remote server. Not implemented yet.</para>
|
|
|
|
¬.implemented;
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RAP SERVICE STOP</title>
|
|
|
|
<para>Stop the specified service on the remote server.</para>
|
|
|
|
¬.implemented;
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RAP PASSWORD <replaceable>USER</replaceable> <replaceable>OLDPASS</replaceable> <replaceable>NEWPASS</replaceable></title>
|
|
|
|
<para>
|
|
Change password of <replaceable>USER</replaceable> from <replaceable>OLDPASS</replaceable> to <replaceable>NEWPASS</replaceable>.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>LOOKUP</title>
|
|
|
|
<refsect3>
|
|
<title>LOOKUP HOST <replaceable>HOSTNAME</replaceable> [<replaceable>TYPE</replaceable>]</title>
|
|
|
|
<para>
|
|
Lookup the IP address of the given host with the specified type (netbios suffix).
|
|
The type defaults to 0x20 (workstation).
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>LOOKUP LDAP [<replaceable>DOMAIN</replaceable>]</title>
|
|
|
|
<para>Give IP address of LDAP server of specified <replaceable>DOMAIN</replaceable>. Defaults to local domain.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>LOOKUP KDC [<replaceable>REALM</replaceable>]</title>
|
|
|
|
<para>Give IP address of KDC for the specified <replaceable>REALM</replaceable>.
|
|
Defaults to local realm.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>LOOKUP DC [<replaceable>DOMAIN</replaceable>]</title>
|
|
|
|
<para>Give IP's of Domain Controllers for specified <replaceable>
|
|
DOMAIN</replaceable>. Defaults to local domain.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>LOOKUP MASTER <replaceable>DOMAIN</replaceable></title>
|
|
|
|
<para>Give IP of master browser for specified <replaceable>DOMAIN</replaceable>
|
|
or workgroup. Defaults to local domain.</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>CACHE</title>
|
|
|
|
<para>Samba uses a general caching interface called 'gencache'. It
|
|
can be controlled using 'NET CACHE'.</para>
|
|
|
|
<para>All the timeout parameters support the suffixes:
|
|
|
|
<simplelist>
|
|
<member>s - Seconds</member>
|
|
<member>m - Minutes</member>
|
|
<member>h - Hours</member>
|
|
<member>d - Days</member>
|
|
<member>w - Weeks</member>
|
|
</simplelist>
|
|
|
|
</para>
|
|
|
|
<refsect3>
|
|
<title>CACHE ADD <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title>
|
|
|
|
<para>Add specified key+data to the cache with the given timeout.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CACHE DEL <replaceable>key</replaceable></title>
|
|
|
|
<para>Delete key from the cache.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CACHE SET <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title>
|
|
|
|
<para>Update data of existing cache entry.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CACHE SEARCH <replaceable>PATTERN</replaceable></title>
|
|
|
|
<para>Search for the specified pattern in the cache data.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CACHE LIST</title>
|
|
|
|
<para>
|
|
List all current items in the cache.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CACHE FLUSH</title>
|
|
|
|
<para>Remove all the current items from the cache.</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>GETLOCALSID [DOMAIN]</title>
|
|
|
|
<para>Prints the SID of the specified domain, or if the parameter is
|
|
omitted, the SID of the local server.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SETLOCALSID S-1-5-21-x-y-z</title>
|
|
|
|
<para>Sets SID for the local server to the specified SID.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>GETDOMAINSID</title>
|
|
|
|
<para>Prints the local machine SID and the SID of the current
|
|
domain.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SETDOMAINSID</title>
|
|
|
|
<para>Sets the SID of the current domain.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>GROUPMAP</title>
|
|
|
|
<para>Manage the mappings between Windows group SIDs and UNIX groups.
|
|
Common options include:</para>
|
|
|
|
<itemizedlist>
|
|
<listitem><para>unixgroup - Name of the UNIX group</para></listitem>
|
|
<listitem><para>ntgroup - Name of the Windows NT group (must be
|
|
resolvable to a SID</para></listitem>
|
|
<listitem><para>rid - Unsigned 32-bit integer</para></listitem>
|
|
<listitem><para>sid - Full SID in the form of "S-1-..."</para></listitem>
|
|
<listitem><para>type - Type of the group; either 'domain', 'local',
|
|
or 'builtin'</para></listitem>
|
|
<listitem><para>comment - Freeform text description of the group</para></listitem>
|
|
</itemizedlist>
|
|
|
|
<refsect3>
|
|
<title>GROUPMAP ADD</title>
|
|
|
|
<para>
|
|
Add a new group mapping entry:
|
|
<programlisting>
|
|
net groupmap add {rid=int|sid=string} unixgroup=string \
|
|
[type={domain|local}] [ntgroup=string] [comment=string]
|
|
</programlisting>
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>GROUPMAP DELETE</title>
|
|
|
|
<para>Delete a group mapping entry. If more than one group name matches, the first entry found is deleted.</para>
|
|
|
|
<para>net groupmap delete {ntgroup=string|sid=SID}</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>GROUPMAP MODIFY</title>
|
|
|
|
<para>Update en existing group entry.</para>
|
|
|
|
<para>
|
|
<programlisting>
|
|
net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \
|
|
[comment=string] [type={domain|local}]
|
|
</programlisting>
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>GROUPMAP LIST</title>
|
|
|
|
<para>List existing group mapping entries.</para>
|
|
|
|
<para>net groupmap list [verbose] [ntgroup=string] [sid=SID]</para>
|
|
|
|
</refsect3>
|
|
</refsect2>
|
|
|
|
|
|
|
|
<refsect2>
|
|
<title>MAXRID</title>
|
|
|
|
<para>Prints out the highest RID currently in use on the local
|
|
server (by the active 'passdb backend').
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC INFO</title>
|
|
|
|
<para>Print information about the domain of the remote server,
|
|
such as domain name, domain sid and number of users and groups.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC|ADS] TESTJOIN</title>
|
|
|
|
<para>Check whether participation in a domain is still valid.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>[RPC|ADS] CHANGETRUSTPW</title>
|
|
|
|
<para>Force change of domain trust password.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC TRUSTDOM</title>
|
|
|
|
<refsect3>
|
|
<title>RPC TRUSTDOM ADD <replaceable>DOMAIN</replaceable></title>
|
|
|
|
<para>Add a interdomain trust account for <replaceable>DOMAIN</replaceable>.
|
|
This is in fact a Samba account named <replaceable>DOMAIN$</replaceable>
|
|
with the account flag <constant>'I'</constant> (interdomain trust account).
|
|
If the command is used against localhost it has the same effect as
|
|
<command>smbpasswd -a -i DOMAIN</command>. Please note that both commands
|
|
expect a appropriate UNIX account.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RPC TRUSTDOM DEL <replaceable>DOMAIN</replaceable></title>
|
|
|
|
<para>Remove interdomain trust account for
|
|
<replaceable>DOMAIN</replaceable>. If it is used against localhost
|
|
it has the same effect as <command>smbpasswd -x DOMAIN$</command>.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RPC TRUSTDOM ESTABLISH <replaceable>DOMAIN</replaceable></title>
|
|
|
|
<para>
|
|
Establish a trust relationship to a trusting domain.
|
|
Interdomain account must already be created on the remote PDC.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RPC TRUSTDOM REVOKE <replaceable>DOMAIN</replaceable></title>
|
|
<para>Abandon relationship to trusted domain</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RPC TRUSTDOM LIST</title>
|
|
|
|
<para>List all current interdomain trust relationships.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>RPC RIGHTS</title>
|
|
|
|
<para>This subcommand is used to view and manage Samba's rights assignments (also
|
|
referred to as privileges). There are three options currently available:
|
|
<parameter>list</parameter>, <parameter>grant</parameter>, and
|
|
<parameter>revoke</parameter>. More details on Samba's privilege model and its use
|
|
can be found in the Samba-HOWTO-Collection.</para>
|
|
|
|
</refsect3>
|
|
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC ABORTSHUTDOWN</title>
|
|
|
|
<para>Abort the shutdown of a remote server.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]</title>
|
|
|
|
<para>Shut down the remote server.</para>
|
|
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term>-r</term>
|
|
<listitem><para>
|
|
Reboot after shutdown.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-f</term>
|
|
<listitem><para>
|
|
Force shutting down all applications.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>-t timeout</term>
|
|
<listitem><para>
|
|
Timeout before system will be shut down. An interactive
|
|
user of the system can use this time to cancel the shutdown.
|
|
</para></listitem>
|
|
</varlistentry>'>
|
|
|
|
<varlistentry>
|
|
<term>-C message</term>
|
|
<listitem><para>Display the specified message on the screen to
|
|
announce the shutdown.</para></listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC SAMDUMP</title>
|
|
|
|
<para>Print out sam database of remote server. You need
|
|
to run this against the PDC, from a Samba machine joined as a BDC. </para>
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC VAMPIRE</title>
|
|
|
|
<para>Export users, aliases and groups from remote server to
|
|
local server. You need to run this against the PDC, from a Samba machine joined as a BDC.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>RPC GETSID</title>
|
|
|
|
<para>Fetch domain SID and store it in the local <filename>secrets.tdb</filename>. </para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>ADS LEAVE</title>
|
|
|
|
<para>Make the remote host leave the domain it is part of. </para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>ADS STATUS</title>
|
|
|
|
<para>Print out status of machine account of the local machine in ADS.
|
|
Prints out quite some debug info. Aimed at developers, regular
|
|
users should use <command>NET ADS TESTJOIN</command>.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>ADS PRINTER</title>
|
|
|
|
<refsect3>
|
|
<title>ADS PRINTER INFO [<replaceable>PRINTER</replaceable>] [<replaceable>SERVER</replaceable>]</title>
|
|
|
|
<para>
|
|
Lookup info for <replaceable>PRINTER</replaceable> on <replaceable>SERVER</replaceable>. The printer name defaults to "*", the
|
|
server name defaults to the local host.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>ADS PRINTER PUBLISH <replaceable>PRINTER</replaceable></title>
|
|
|
|
<para>Publish specified printer using ADS.</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>ADS PRINTER REMOVE <replaceable>PRINTER</replaceable></title>
|
|
|
|
<para>Remove specified printer from ADS directory.</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>ADS SEARCH <replaceable>EXPRESSION</replaceable> <replaceable>ATTRIBUTES...</replaceable></title>
|
|
|
|
<para>Perform a raw LDAP search on a ADS server and dump the results. The
|
|
expression is a standard LDAP search expression, and the
|
|
attributes are a list of LDAP fields to show in the results.</para>
|
|
|
|
<para>Example: <userinput>net ads search '(objectCategory=group)' sAMAccountName</userinput>
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>ADS DN <replaceable>DN</replaceable> <replaceable>(attributes)</replaceable></title>
|
|
|
|
<para>
|
|
Perform a raw LDAP search on a ADS server and dump the results. The
|
|
DN standard LDAP DN, and the attributes are a list of LDAP fields
|
|
to show in the result.
|
|
</para>
|
|
|
|
<para>Example: <userinput>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</userinput></para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>ADS WORKGROUP</title>
|
|
|
|
<para>Print out workgroup name for specified kerberos realm.</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM CREATEBUILTINGROUP <NAME></title>
|
|
|
|
<para>
|
|
(Re)Create a BUILTIN group.
|
|
Only a wellknown set of BUILTIN groups can be created with this command.
|
|
This is the list of currently recognized group names: Administrators,
|
|
Users, Guests, Power Users, Account Operators, Server Operators, Print
|
|
Operators, Backup Operators, Replicator, RAS Servers, Pre-Windows 2000
|
|
compatible Access.
|
|
|
|
This command requires a running Winbindd with idmap allocation properly
|
|
configured. The group gid will be allocated out of the winbindd range.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM CREATELOCALGROUP <NAME></title>
|
|
|
|
<para>
|
|
Create a LOCAL group (also known as Alias).
|
|
|
|
This command requires a running Winbindd with idmap allocation properly
|
|
configured. The group gid will be allocated out of the winbindd range.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM DELETELOCALGROUP <NAME></title>
|
|
|
|
<para>
|
|
Delete an existing LOCAL group (also known as Alias).
|
|
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM MAPUNIXGROUP <NAME></title>
|
|
|
|
<para>
|
|
Map an existing Unix group and make it a Domain Group, the domain group
|
|
will have the same name.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM UNMAPUNIXGROUP <NAME></title>
|
|
|
|
<para>
|
|
Remove an existing group mapping entry.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM ADDMEM <GROUP> <MEMBER></title>
|
|
|
|
<para>
|
|
Add a member to a Local group. The group can be specified only by name,
|
|
the member can be specified by name or SID.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM DELMEM <GROUP> <MEMBER></title>
|
|
|
|
<para>
|
|
Remove a member from a Local group. The group and the member must be
|
|
specified by name.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM LISTMEM <GROUP></title>
|
|
|
|
<para>
|
|
List Local group members. The group must be specified by name.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM LIST <users|groups|localgroups|builtin|workstations> [verbose]</title>
|
|
|
|
<para>
|
|
List the specified set of accounts by name. If verbose is specified,
|
|
the rid and description is also provided for each account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SHOW <NAME></title>
|
|
|
|
<para>
|
|
Show the full DOMAIN\\NAME the SID and the type for the corresponding
|
|
account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET HOMEDIR <NAME> <DIRECTORY></title>
|
|
|
|
<para>
|
|
Set the home directory for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET PROFILEPATH <NAME> <PATH></title>
|
|
|
|
<para>
|
|
Set the profile path for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET COMMENT <NAME> <COMMENT></title>
|
|
|
|
<para>
|
|
Set the comment for a user or group account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET FULLNAME <NAME> <FULL NAME></title>
|
|
|
|
<para>
|
|
Set the full name for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET LOGONSCRIPT <NAME> <SCRIPT></title>
|
|
|
|
<para>
|
|
Set the logon script for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET HOMEDRIVE <NAME> <DRIVE></title>
|
|
|
|
<para>
|
|
Set the home drive for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET WORKSTATIONS <NAME> <WORKSTATIONS></title>
|
|
|
|
<para>
|
|
Set the workstations a user account is allowed to log in from.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET DISABLE <NAME></title>
|
|
|
|
<para>
|
|
Set the "disabled" flag for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET PWNOTREQ <NAME></title>
|
|
|
|
<para>
|
|
Set the "password not required" flag for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET AUTOLOCK <NAME></title>
|
|
|
|
<para>
|
|
Set the "autolock" flag for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET PWNOEXP <NAME></title>
|
|
|
|
<para>
|
|
Set the "password do not expire" flag for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM SET PWDMUSTCHANGENOW <NAME> [yes|no]</title>
|
|
|
|
<para>
|
|
Set or unset the "password must change" flag for a user account.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM POLICY LIST</title>
|
|
|
|
<para>
|
|
List the available account policies.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM POLICY SHOW <account policy></title>
|
|
|
|
<para>
|
|
Show the account policy value.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM POLICY SET <account policy> <value></title>
|
|
|
|
<para>
|
|
Set a value for the account policy.
|
|
Valid values can be: "forever", "never", "off", or a number.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>SAM PROVISION</title>
|
|
|
|
<para>
|
|
Only available if ldapsam:editposix is set and winbindd is running.
|
|
Properly populates the ldap tree with the basic accounts (Administrator)
|
|
and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>IDMAP DUMP <local tdb file name></title>
|
|
|
|
<para>
|
|
Dumps the mappings contained in the local tdb file specified.
|
|
This command is useful to dump only the mappings produced by the idmap_tdb backend.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>IDMAP RESTORE [input file]</title>
|
|
|
|
<para>
|
|
Restore the mappings from the specified file or stdin.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>IDMAP SECRET <DOMAIN>|ALLOC <secret></title>
|
|
|
|
<para>
|
|
Store a secret for the specified domain, used primarily for domains
|
|
that use idmap_ldap as a backend. In this case the secret is used
|
|
as the password for the user DN used to bind to the ldap server.
|
|
</para>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>USERSHARE</title>
|
|
|
|
<para>Starting with version 3.0.23, a Samba server now supports the ability for
|
|
non-root users to add user defined shares to be exported using the "net usershare"
|
|
commands.
|
|
</para>
|
|
|
|
<para>
|
|
To set this up, first set up your smb.conf by adding to the [global] section:
|
|
|
|
usershare path = /usr/local/samba/lib/usershares
|
|
|
|
Next create the directory /usr/local/samba/lib/usershares, change the owner to root and
|
|
set the group owner to the UNIX group who should have the ability to create usershares,
|
|
for example a group called "serverops".
|
|
|
|
Set the permissions on /usr/local/samba/lib/usershares to 01770.
|
|
|
|
(Owner and group all access, no access for others, plus the sticky bit,
|
|
which means that a file in that directory can be renamed or deleted only
|
|
by the owner of the file).
|
|
|
|
Finally, tell smbd how many usershares you will allow by adding to the [global]
|
|
section of smb.conf a line such as :
|
|
|
|
usershare max shares = 100.
|
|
|
|
To allow 100 usershare definitions. Now, members of the UNIX group "serverops"
|
|
can create user defined shares on demand using the commands below.
|
|
</para>
|
|
|
|
<para>The usershare commands are:
|
|
|
|
<simplelist>
|
|
<member>net usershare add sharename path [comment] [acl] [guest_ok=[y|n]] - to add or change a user defined share.</member>
|
|
<member>net usershare delete sharename - to delete a user defined share.</member>
|
|
<member>net usershare info [-l|--long] [wildcard sharename] - to print info about a user defined share.</member>
|
|
<member>net usershare list [-l|--long] [wildcard sharename] - to list user defined shares.</member>
|
|
</simplelist>
|
|
|
|
</para>
|
|
|
|
<refsect3>
|
|
<title>USERSHARE ADD <replaceable>sharename</replaceable> <replaceable>path</replaceable> <replaceable>[comment]</replaceable> <replaceable>[acl]</replaceable> <replaceable>[guest_ok=[y|n]]</replaceable></title>
|
|
|
|
<para>
|
|
Add or replace a new user defined share, with name "sharename".
|
|
</para>
|
|
|
|
<para>
|
|
"path" specifies the absolute pathname on the system to be exported.
|
|
Restrictions may be put on this, see the global smb.conf parameters:
|
|
"usershare owner only", "usershare prefix allow list", and
|
|
"usershare prefix deny list".
|
|
</para>
|
|
|
|
<para>
|
|
The optional "comment" parameter is the comment that will appear
|
|
on the share when browsed to by a client.
|
|
</para>
|
|
|
|
<para>The optional "acl" field
|
|
specifies which users have read and write access to the entire share.
|
|
Note that guest connections are not allowed unless the smb.conf parameter
|
|
"usershare allow guests" has been set. The definition of a user
|
|
defined share acl is: "user:permission", where user is a valid
|
|
username on the system and permission can be "F", "R", or "D".
|
|
"F" stands for "full permissions", ie. read and write permissions.
|
|
"D" stands for "deny" for a user, ie. prevent this user from accessing
|
|
this share.
|
|
"R" stands for "read only", ie. only allow read access to this
|
|
share (no creation of new files or directories or writing to files).
|
|
</para>
|
|
|
|
<para>
|
|
The default if no "acl" is given is "Everyone:R", which means any
|
|
authenticated user has read-only access.
|
|
</para>
|
|
|
|
<para>
|
|
The optional "guest_ok" has the same effect as the parameter of the
|
|
same name in smb.conf, in that it allows guest access to this user
|
|
defined share. This parameter is only allowed if the global parameter
|
|
"usershare allow guests" has been set to true in the smb.conf.
|
|
</para>
|
|
|
|
There is no separate command to modify an existing user defined share,
|
|
just use the "net usershare add [sharename]" command using the same
|
|
sharename as the one you wish to modify and specify the new options
|
|
you wish. The Samba smbd daemon notices user defined share modifications
|
|
at connect time so will see the change immediately, there is no need
|
|
to restart smbd on adding, deleting or changing a user defined share.
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>USERSHARE DELETE <replaceable>sharename</replaceable></title>
|
|
|
|
<para>
|
|
Deletes the user defined share by name. The Samba smbd daemon
|
|
immediately notices this change, although it will not disconnect
|
|
any users currently connected to the deleted share.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>USERSHARE INFO <replaceable>[-l|--long]</replaceable> <replaceable>[wildcard sharename]</replaceable></title>
|
|
|
|
<para>
|
|
Get info on user defined shares owned by the current user matching the given pattern, or all users.
|
|
</para>
|
|
|
|
<para>
|
|
net usershare info on its own dumps out info on the user defined shares that were
|
|
created by the current user, or restricts them to share names that match the given
|
|
wildcard pattern ('*' matches one or more characters, '?' matches only one character).
|
|
If the '-l' or '--long' option is also given, it prints out info on user defined
|
|
shares created by other users.
|
|
</para>
|
|
|
|
<para>
|
|
The information given about a share looks like:
|
|
|
|
[foobar]
|
|
path=/home/jeremy
|
|
comment=testme
|
|
usershare_acl=Everyone:F
|
|
guest_ok=n
|
|
|
|
And is a list of the current settings of the user defined share that can be
|
|
modified by the "net usershare add" command.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>USERSHARE LIST <replaceable>[-l|--long]</replaceable> <replaceable>wildcard sharename</replaceable></title>
|
|
|
|
<para>
|
|
List all the user defined shares owned by the current user matching the given pattern, or all users.
|
|
</para>
|
|
|
|
<para>
|
|
net usershare list on its own list out the names of the user defined shares that were
|
|
created by the current user, or restricts the list to share names that match the given
|
|
wildcard pattern ('*' matches one or more characters, '?' matches only one character).
|
|
If the '-l' or '--long' option is also given, it includes the names of user defined
|
|
shares created by other users.
|
|
</para>
|
|
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>CONF</title>
|
|
|
|
<para>Starting with version 3.2.0, a Samba server can be configured by data
|
|
stored in registry. This configuration data can be edited with the new "net
|
|
conf" commands.
|
|
</para>
|
|
|
|
<para>
|
|
The deployment of this configuration data can be activated in two levels from the
|
|
<emphasis>smb.conf</emphasis> file: Share definitions from registry are
|
|
activated by setting <parameter>registry shares</parameter> to
|
|
<quote>yes</quote> in the [global] section and global configuration options are
|
|
activated by setting <smbconfoption name="include">registry</smbconfoption> in
|
|
the [global] section for a mixed configuration or by setting
|
|
<smbconfoption name="config backend">registry</smbconfoption> in the [global]
|
|
section for a registry-only configuration.
|
|
See the <citerefentry><refentrytitle>smb.conf</refentrytitle>
|
|
<manvolnum>5</manvolnum></citerefentry> manpage for details.
|
|
</para>
|
|
|
|
<para>The conf commands are:
|
|
<simplelist>
|
|
<member>net conf list - Dump the complete configuration in smb.conf like
|
|
format.</member>
|
|
<member>net conf import - Import configuration from file in smb.conf
|
|
format.</member>
|
|
<member>net conf listshares - List the registry shares.</member>
|
|
<member>net conf drop - Delete the complete configuration from
|
|
registry.</member>
|
|
<member>net conf showshare - Show the definition of a registry share.</member>
|
|
<member>net conf addshare - Create a new registry share.</member>
|
|
<member>net conf delshare - Delete a registry share.</member>
|
|
<member>net conf setparm - Store a parameter.</member>
|
|
<member>net conf getparm - Retrieve the value of a parameter.</member>
|
|
<member>net conf delparm - Delete a parameter.</member>
|
|
<member>net conf getincludes - Show the includes of a share definition.</member>
|
|
<member>net conf setincludes - Set includes for a share.</member>
|
|
<member>net conf delincludes - Delete includes from a share definition.</member>
|
|
</simplelist>
|
|
</para>
|
|
|
|
<refsect3>
|
|
<title>CONF LIST</title>
|
|
|
|
<para>
|
|
Print the configuration data stored in the registry in a smb.conf-like format to
|
|
standard output.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF IMPORT <replaceable>[--test|-T]</replaceable> <replaceable>filename</replaceable> <replaceable>[section]</replaceable></title>
|
|
|
|
<para>
|
|
This command imports configuration from a file in smb.conf format.
|
|
If a section encountered in the input file is present in registry,
|
|
its contents is replaced. Sections of registry configuration that have
|
|
no counterpart in the input file are not affected. If you want to delete these,
|
|
you will have to use the "net conf drop" or "net conf delshare" commands.
|
|
Optionally, a section may be specified to restrict the effect of the
|
|
import command to that specific section. A test mode is enabled by specifying
|
|
the parameter "-T" on the commandline. In test mode, no changes are made to the
|
|
registry, and the resulting configuration is printed to standard output instead.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF LISTSHARES</title>
|
|
|
|
<para>
|
|
List the names of the shares defined in registry.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF DROP</title>
|
|
|
|
<para>
|
|
Delete the complete configuration data from registry.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF SHOWSHARE <replaceable>sharename</replaceable></title>
|
|
|
|
<para>
|
|
Show the definition of the share or section specified. It is valid to specify
|
|
"global" as sharename to retrieve the global configuration options from
|
|
registry.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF ADDSHARE <replaceable>sharename</replaceable> <replaceable>path</replaceable> [<replaceable>writeable={y|N}</replaceable> [<replaceable>guest_ok={y|N}</replaceable> [<replaceable>comment</replaceable>]]] </title>
|
|
|
|
<para>Create a new share definition in registry.
|
|
The sharename and path have to be given. The share name may
|
|
<emphasis>not</emphasis> be "global". Optionally, values for the very
|
|
common options "writeable", "guest ok" and a "comment" may be specified.
|
|
The same result may be obtained by a sequence of "net conf setparm"
|
|
commands.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF DELSHARE <replaceable>sharename</replaceable></title>
|
|
|
|
<para>
|
|
Delete a share definition from registry.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF SETPARM <replaceable>section</replaceable> <replaceable>parameter</replaceable> <replaceable>value</replaceable></title>
|
|
|
|
<para>
|
|
Store a parameter in registry. The section may be global or a sharename.
|
|
The section is created if it does not exist yet.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF GETPARM <replaceable>section</replaceable> <replaceable>parameter</replaceable></title>
|
|
|
|
<para>
|
|
Show a parameter stored in registry.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF DELPARM <replaceable>section</replaceable> <replaceable>parameter</replaceable></title>
|
|
|
|
<para>
|
|
Delete a parameter stored in registry.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF GETINCLUDES <replaceable>section</replaceable></title>
|
|
|
|
<para>
|
|
Get the list of includes for the provided section (global or share).
|
|
</para>
|
|
|
|
<para>
|
|
Note that due to the nature of the registry database and the nature of include directives,
|
|
the includes need special treatment: Parameters are stored in registry by the parameter
|
|
name as valuename, so there is only ever one instance of a parameter per share.
|
|
Also, a specific order like in a text file is not guaranteed. For all real
|
|
parameters, this is perfectly ok, but the include directive is rather a meta
|
|
parameter, for which, in the smb.conf text file, the place where it is specified
|
|
between the other parameters is very important. This can not be achieved by the
|
|
simple registry smbconf data model, so there is one ordered list of includes
|
|
per share, and this list is evaluated after all the parameters of the share.
|
|
</para>
|
|
|
|
<para>
|
|
Further note that currently, only files can be included from registry
|
|
configuration. In the future, there will be the ability to include configuration
|
|
data from other registry keys.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF SETINCLUDES <replaceable>section</replaceable> [<replaceable>filename</replaceable>]+</title>
|
|
|
|
<para>
|
|
Set the list of includes for the provided section (global or share) to the given
|
|
list of one or more filenames. The filenames may contain the usual smb.conf
|
|
macros like %I.
|
|
</para>
|
|
</refsect3>
|
|
|
|
<refsect3>
|
|
<title>CONF DELINCLUDES <replaceable>section</replaceable></title>
|
|
|
|
<para>
|
|
Delete the list of includes from the provided section (global or share).
|
|
</para>
|
|
</refsect3>
|
|
|
|
</refsect2>
|
|
|
|
<refsect2>
|
|
<title>HELP [COMMAND]</title>
|
|
|
|
<para>Gives usage information for the specified command.</para>
|
|
|
|
</refsect2>
|
|
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>VERSION</title>
|
|
|
|
<para>This man page is complete for version 3 of the Samba
|
|
suite.</para>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>AUTHOR</title>
|
|
|
|
<para>The original Samba software and related utilities
|
|
were created by Andrew Tridgell. Samba is now developed
|
|
by the Samba Team as an Open Source project similar
|
|
to the way the Linux kernel is developed.</para>
|
|
|
|
<para>The net manpage was written by Jelmer Vernooij.</para>
|
|
|
|
</refsect1>
|
|
|
|
</refentry>
|