diff options
author | Luke Leighton <lkcl@samba.org> | 1999-11-19 23:26:42 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1999-11-19 23:26:42 +0000 |
commit | 69fb70bea547434753cd969c7134fa3ca7522bf2 (patch) | |
tree | 45433600d0e829ec82d3a63e590bfe15cd1dacbe /docs/htmldocs/rpcclient.1.html | |
parent | 01072b78e61a7d752410ae868d9c156cae6ff357 (diff) | |
download | samba-69fb70bea547434753cd969c7134fa3ca7522bf2.tar.gz samba-69fb70bea547434753cd969c7134fa3ca7522bf2.tar.bz2 samba-69fb70bea547434753cd969c7134fa3ca7522bf2.zip |
yodl update - rpcclient
(This used to be commit 9eef1817f8f29c2d69832806b394658cf2cce5e9)
Diffstat (limited to 'docs/htmldocs/rpcclient.1.html')
-rw-r--r-- | docs/htmldocs/rpcclient.1.html | 592 |
1 files changed, 592 insertions, 0 deletions
diff --git a/docs/htmldocs/rpcclient.1.html b/docs/htmldocs/rpcclient.1.html new file mode 100644 index 0000000000..5af27f2088 --- /dev/null +++ b/docs/htmldocs/rpcclient.1.html @@ -0,0 +1,592 @@ + + + + + +<html><head><title>rpcclient (1)</title> + +<link rev="made" href="mailto:samba-bugs@samba.org"> +</head> +<body> + +<hr> + +<h1>rpcclient (1)</h1> +<h2>Samba</h2> +<h2>23 Oct 1998</h2> + + + + +<p><br><a name="NAME"></a> +<h2>NAME</h2> + rpcclient - utility to manage MSRPC resources on servers +<p><br><a name="SYNOPSIS"></a> +<h2>SYNOPSIS</h2> + +<p><br><strong>rpcclient</strong> +[<a href="rpcclient.1.html#password">password</a>] +<a href="rpcclient.1.html#servername">-S servername</a> +[<a href="rpcclient.1.html#minusU">-U [username][%][password]</a>] +[<a href="rpcclient.1.html#minusW">-W domain</a>] +[<a href="rpcclient.1.html#minusl">-l log basename</a>] +[<a href="rpcclient.1.html#minusd">-d debuglevel</a>] +[<a href="rpcclient.1.html#minusO">-O socket options</a>] +[<a href="rpcclient.1.html#minusi">-i scope</a>] +[<a href="rpcclient.1.html#minusN">-N</a>] +[<a href="rpcclient.1.html#minusn">-n NetBIOS name</a>] +[<a href="rpcclient.1.html#minush">-h</a>] +[<a href="rpcclient.1.html#minusI">-I dest IP</a>] +[<a href="rpcclient.1.html#minusE">-E</a>] +[<a href="rpcclient.1.html#minust">-t terminal code</a>] +[<a href="rpcclient.1.html#minusc">-c command string</a>] +[<a href="rpcclient.1.html#minusB">-B IP addr</a>] +[<a href="rpcclient.1.html#minuss">-s smb.conf</a>] +[<a href="rpcclient.1.html#minusm">-m max protocol</a>] +<p><br><a name="DESCRIPTION"></a> +<h2>DESCRIPTION</h2> + +<p><br>This program is part of the <strong>Samba</strong> suite. +<p><br><strong>rpcclient</strong> is a client that can 'talk' to an SMB/CIFS MSRPC server. +Operations include things like managing a SAM Database (users, groups +and aliases) in the same way as the Windows NT programs +<strong>User Manager for Domains</strong> and <strong>Server Manager for Domains</strong>; +managing a remote registry in the same way as the Windows NT programs +<strong>REGEDT32.EXE</strong> and <strong>REGEDIT.EXE</strong>; viewing a remote event log (same +as <strong>EVENTVWR.EXE</strong>) etc. +<p><br>Typical usage is like this: <br> +<code>rpcclient -I 192.168.32.1 -S "*SMBSERVER" -U fred%secret -l log</code> +<br> +<p><br><a name="OPTIONS"></a> +<h2>OPTIONS</h2> + +<p><br><ul> +<p><br><a name="servername"></a> +<li><strong><strong>servername</strong></strong> servername is the name of the server you want +to use on the server. This should be the NetBIOS name of the SMB/CIFS +server, which can be <strong>*SMBSERVER</strong> on Windows NT 4.0 or Samba Servers. +<p><br>Note that the server name required is NOT necessarily the IP (DNS) +host name of the server! The name required is a NetBIOS server name, +which may or may not be the same as the IP hostname of the machine +running the server. Also, remember that having a period in a NetBIOS +name (such as an IP hostname) may cause connectivity problems on your +network: NT tends to strip NetBIOS names from the leading period +onwards. +<p><br>The server name is looked up according to either the +<a href="rpcclient.1.html#minusR"><strong>-R</strong></a> parameter to <strong>rpcclient</strong> or using the +<a href="smb.conf.5.html#nameresolveorder"><strong>name resolve order</strong></a> +parameter in the smb.conf file, allowing an administrator to change +the order and methods by which server names are looked up. +<p><br><a name="password"></a> +<li><strong><strong>password</strong></strong> password is the password required to access the +specified service on the specified server. If this parameter is +supplied, the <a href="rpcclient.1.html#minusN"><strong>-N</strong></a> option (suppress password prompt) is assumed. +<p><br>There is no default password. If no password is supplied on the +command line (either by using this parameter or adding a password to +the <a href="rpcclient.1.html#minusU"><strong>-U</strong></a> option (see below)) and the <a href="rpcclient.1.html#minusN"><strong>-N</strong></a> option is not specified, +the client will prompt for a password, even if the desired service +does not require one. (If no password is required, simply press ENTER +to provide a null password.) +<p><br>Note: Some servers (including OS/2 and Windows for Workgroups) insist +on an uppercase password. Lowercase or mixed case passwords may be +rejected by these servers. +<p><br>Be cautious about including passwords in scripts. +<p><br><a name="minuss"></a> +<li><strong><strong>-s smb.conf</strong></strong> This parameter specifies the pathname to the +Samba configuration file, smb.conf. This file controls all aspects of +the Samba setup on the machine and rpcclient also needs to read this +file. +<p><br><a name="minusB"></a> +<li><strong><strong>-B IP addr</strong></strong> The IP address to use when sending a broadcast packet. +<p><br><a name="minusO"></a> +<li><strong><strong>-O socket options</strong></strong> TCP socket options to set on the client +socket. See the <a href="smb.conf.5.html#socketoptions">socket options</a> +parameter in the <a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> manpage for +the list of valid options. +<p><br><a name="minusR"></a> +<li><strong><strong>-R name resolve order</strong></strong> This option allows the user of +rpcclient to determine what name resolution services to use when +looking up the NetBIOS name of the host being connected to. +<p><br>The options are :"lmhosts", "host", "wins" and "bcast". They cause +names to be resolved as follows : +<p><br><ul> +<p><br><li > <strong>lmhosts</strong> : Lookup an IP address in the Samba lmhosts file. +The lmhosts file is stored in the same directory as the +<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file. +<p><br><li > <strong>host</strong> : Do a standard host name to IP address resolution, +using the system /etc/hosts, NIS, or DNS lookups. This method of name +resolution is operating system depended for instance on IRIX or +Solaris this may be controlled by the <em>/etc/nsswitch.conf</em> file). +<p><br><li > <strong>wins</strong> : Query a name with the IP address listed in the <a href="smb.conf.5.html#winsserver"><strong>wins +server</strong></a> parameter in the smb.conf file. If +no WINS server has been specified this method will be ignored. +<p><br><li > <strong>bcast</strong> : Do a broadcast on each of the known local interfaces +listed in the <a href="smb.conf.5.html#interfaces"><strong>interfaces</strong></a> parameter +in the smb.conf file. This is the least reliable of the name resolution +methods as it depends on the target host being on a locally connected +subnet. To specify a particular broadcast address the <a href="rpcclient.1.html#minusB"><strong>-B</strong></a> option +may be used. +<p><br></ul> +<p><br>If this parameter is not set then the name resolve order defined +in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file parameter +<a href="smb.conf.5.html#nameresolveorder">(<strong>name resolve order</strong>)</a> +will be used. +<p><br>The default order is lmhosts, host, wins, bcast and without this +parameter or any entry in the <a href="smb.conf.5.html#nameresolveorder"><strong>"name resolve +order"</strong></a> parameter of the +<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file the name resolution methods +will be attempted in this order. +<p><br><a name="minusi"></a> +<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that rpcclient will use +to communicate with when generating NetBIOS names. For details on the +use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes +are <em>very</em> rarely used, only set this parameter if you are the +system administrator in charge of all the NetBIOS systems you +communicate with. +<p><br><a name="minusN"></a> +<li><strong><strong>-N</strong></strong> If specified, this parameter suppresses the normal +password prompt from the client to the user. This is useful when +accessing a service that does not require a password. +<p><br>Unless a password is specified on the command line or this parameter +is specified, the client will request a password. +<p><br><a name="minusn"></a> +<li><strong><strong>-n NetBIOS name</strong></strong> By default, the client will use the local +machine's hostname (in uppercase) as its NetBIOS name. This parameter +allows you to override the host name and use whatever NetBIOS name you +wish. +<p><br><a name="minusd"></a> +<li><strong><strong>-d debuglevel</strong></strong> debuglevel is an integer from 0 to 10, or the +letter 'A'. +<p><br>The default value if this parameter is not specified is zero. +<p><br>The higher this value, the more detail will be logged to the log files +about the activities of the client. At level 0, only critical errors +and serious warnings will be logged. Level 1 is a reasonable level for +day to day running - it generates a small amount of information about +operations carried out. +<p><br>Levels above 1 will generate considerable amounts of log data, and +should only be used when investigating a problem. Levels above 3 are +designed for use only by developers and generate HUGE amounts of log +data, most of which is extremely cryptic. If debuglevel is set to the +letter 'A', then <em>all</em> debug messages will be printed. This setting +is for developers only (and people who <em>really</em> want to know how the +code works internally). +<p><br>Note that specifying this parameter here will override the <a href="smb.conf.5.html#loglevel"><strong>log +level</strong></a> parameter in the <a href="smb.conf.5.html"><strong>smb.conf +(5)</strong></a> file. +<p><br><a name="minusp"></a> +<li><strong><strong>-p port</strong></strong> This number is the TCP port number that will be used +when making connections to the server. The standard (well-known) TCP +port number for an SMB/CIFS server is 139, which is the default. +<p><br><a name="minusl"></a> +<li><strong><strong>-l logfilename</strong></strong> If specified, logfilename specifies a base +filename into which operational data from the running client will be +logged. +<p><br>The default base name is specified at compile time. +<p><br>The base name is used to generate actual log file names. For example, +if the name specified was "log", the debug file would be +<code>log.client</code>. +<p><br>The log file generated is never removed by the client. +<p><br><a name="minush"></a> +<li><strong><strong>-h</strong></strong> Print the usage message for the client. +<p><br><a name="minusI"></a> +<li><strong><strong>-I IP address</strong></strong> IP address is the address of the server to +connect to. It should be specified in standard "a.b.c.d" notation. +<p><br>Normally the client would attempt to locate a named SMB/CIFS server by +looking it up via the NetBIOS name resolution mechanism described +above in the <a href="rpcclient.1.html#minusR"><strong>name resolve order</strong></a> parameter +above. Using this parameter will force the client to assume that the +server is on the machine with the specified IP address and the NetBIOS +name component of the resource being connected to will be ignored. +<p><br>There is no default for this parameter. If not supplied, it will be +determined automatically by the client as described above. +<p><br><a name="minusE"></a> +<li><strong><strong>-E</strong></strong> This parameter causes the client to write messages to the +standard error stream (stderr) rather than to the standard output +stream. +<p><br>By default, the client writes messages to standard output - typically +the user's tty. +<p><br>Note that by default, debug information is always sent to stderr. +Debug information can instead be sent to a file, using the +<a href="rpcclient.1.html#minusl">-l log basename</a> option. +<p><br><a name="minusU"></a> +<li><strong><strong>-U username</strong></strong> This specifies the user name that will be used by +the client to make a connection, assuming your server is not a downlevel +server that is running a protocol level that uses passwords on shares, +not on usernames. +<p><br>Some servers are fussy about the case of this name, and some insist +that it must be a valid NetBIOS name. +<p><br>If no username is supplied, it will default to an uppercase version of +the environment variable <code>USER</code> or <code>LOGNAME</code> in that order. If no +username is supplied and neither environment variable exists the +username "GUEST" will be used. +<p><br>If the <code>USER</code> environment variable contains a '%' character, +everything after that will be treated as a password. This allows you +to set the environment variable to be <code>USER=username%password</code> so +that a password is not passed on the command line (where it may be +seen by the ps command). +<p><br>If the service you are connecting to requires a password, it can be +supplied using the <a href="rpcclient.1.html#minusU"><strong>-U</strong></a> option, by appending a percent symbol ("%") +then the password to username. For example, to attach to a service as +user <code>"fred"</code> with password <code>"secret"</code>, you would specify. <br> +<p><br><code>-U fred%secret</code> <br> +<p><br>on the command line. Note that there are no spaces around the percent +symbol. +<p><br>If you specify the password as part of username then the <a href="rpcclient.1.html#minusN"><strong>-N</strong></a> option +(suppress password prompt) is assumed. +<p><br>If you specify the password as a parameter <em>AND</em> as part of username +then the password as part of username will take precedence. Putting +nothing before or nothing after the percent symbol will cause an empty +username or an empty password to be used, respectively. +<p><br>The password may also be specified by setting up an environment +variable called <code>PASSWORD</code> that contains the users password. Note +that this may be very insecure on some systems but on others allows +users to script rpcclient commands without having a password appear in +the command line of a process listing. +<p><br>Note: Some servers (including OS/2 and Windows for Workgroups) insist +on an uppercase password. Lowercase or mixed case passwords may be +rejected by these servers. +<p><br>Be cautious about including passwords in scripts or in the +<code>PASSWORD</code> environment variable. Also, on many systems the command +line of a running process may be seen via the <code>ps</code> command to be +safe always allow rpcclient to prompt for a password and type it in +directly. +<p><br><a name="minust"></a> +<li><strong><strong>-t terminal code</strong></strong> This option tells rpcclient how to interpret +filenames coming from the remote server. Usually Asian language +multibyte UNIX implementations use different character sets than +SMB/CIFS servers (<em>EUC</em> instead of <em>SJIS</em> for example). Setting +this parameter will let rpcclient convert between the UNIX filenames +and the SMB filenames correctly. This option has not been seriously +tested and may have some problems. +<p><br>The terminal codes include <code>sjis</code>, <code>euc</code>, <code>jis7</code>, <code>jis8</code>, +<code>junet</code>, <code>hex</code>, <code>cap</code>. This is not a complete list, check the +Samba source code for the complete list. +<p><br><a name="minusm"></a> +<li><strong><strong>-m max protocol level</strong></strong> With the new code in Samba2.0, +<strong>rpcclient</strong> always attempts to connect at the maximum +protocols level the server supports. This parameter is +preserved for backwards compatibility, but any string +following the <strong>-m</strong> will be ignored. +<p><br><a name="minusW"></a> +<li><strong><strong>-W Domain</strong></strong> Override the default Domain, which is the remote server's +Domain. This option may be needed to connect to some servers. It is also +possible to specify the remote server name as the Domain, which will +force the username and password to be authenticated against the remote +server's local SAM instead of the Domain SAM. +<p><br><a name="minusc"></a> +<li><strong><strong>-c command string</strong></strong> command string is a semicolon separated +list of commands to be executed instead of prompting from stdin. +<a href="rpcclient.1.html#minusN"><strong>-N</strong></a> is implied by <strong>-c</strong>. +<p><br>This is particularly useful in scripts, e.g. <code>-c 'lsaquery; enumusers -u'</code>. +<p><br></ul> +<p><br><a name="OPERATIONS"></a> +<h2>OPERATIONS</h2> + +<p><br>Once the client is running, the user is presented with a prompt : +<p><br><code>smb:\></code> +<p><br>The prompt indicates that the client is ready and waiting to carry out +a user command. Each command is a single word, optionally followed by +parameters specific to that command. Command and parameters are +space-delimited unless these notes specifically state otherwise. All +commands are case-insensitive. Parameters to commands may or may not +be case sensitive, depending on the command. +<p><br>You can specify names (e.g registry keys; user or group names; +service names) which have spaces in them by quoting the +name with double quotes, for example "dRMON SmartAgent". +<p><br>Parameters shown in square brackets (e.g., "[parameter]") are +optional. If not given, the command will use suitable +defaults. Parameters shown in angle brackets (e.g., "<parameter>") are +required. +<p><br>Note that all commands operating on the server are actually performed +by issuing a request to the server. Thus the behavior may vary from +server to server, depending on how the server was implemented. +<p><br>The commands available are listed in groups relating to different services: +<p><br><ul> +<p><br><li><strong>Misccellaneous</strong> +<p><br><ul> +<p><br><a name="questionmark"></a> <li><strong><strong>? [command]</strong></strong> If "command" is specified, + the <strong>?</strong> command will display a brief informative message about the + specified command. If no command is specified, a list of available + commands will be displayed. +<p><br><a name="exclaimationmark"></a> <li><strong><strong>! [shell command]</strong></strong> If "shell command" + is specified, the <strong>!</strong> command will execute a shell locally and run + the specified shell command. If no command is specified, a local shell + will be run. +<p><br><a name="exit"></a> <li><strong><strong>exit</strong></strong> Terminate the connection with the server and + exit from the program. +<p><br><a name="help"></a> <li><strong><strong>help [command]</strong></strong> See the <a href="rpcclient.1.html#questionmark"><strong>?</strong></a> + command above. +<p><br><a name="quit"></a> <li><strong><strong>quit</strong></strong> See the <a href="rpcclient.1.html#exit"><strong>exit</strong></a> command. +<p><br></ul> +<p><br><li><strong>Event Log</strong> +<p><br><ul> +<p><br><a name="eventlog"></a> <li><strong><strong>eventlog</strong></strong> + list the events +<p><br></ul> +<p><br><li><strong>Service Control</strong> +<p><br>It is possible to use command-line completion (if you have + the GNU readline library) for Service names, by pressing the + tab key. +<p><br><ul> +<p><br><a name="svcenum"></a> <li><strong><strong>svcenum</strong></strong> + [-i] Lists Services Manager +<p><br><a name="svcinfo"></a> <li><strong><strong>svcinfo</strong></strong> + <service> Service Information +<p><br><a name="svcstart"></a> <li><strong><strong>svcstart</strong></strong> + <service> [arg 0] [arg 1] ... Start Service +<p><br><a name="svcstop"></a> <li><strong><strong>svcstop</strong></strong> + <service> Stop Service +<p><br></ul> +<p><br><li><strong>Scheduler</strong> +<p><br><ul> +<p><br><a name="at"></a> <li><strong><strong>at</strong></strong> + Scheduler control (at /? for syntax) +<p><br></ul> +<p><br><li><strong>Registry</strong> +<p><br>It is possible to use command-line completion (if you have + the GNU readline library) for registry key and value names, + by pressing the tab key. +<p><br><ul> +<p><br><a name="regenum"></a> <li><strong><strong>regenum</strong></strong> + <keyname> Registry Enumeration (keys, values) +<p><br><a name="regdeletekey"></a> <li><strong><strong>regdeletekey</strong></strong> + <keyname> Registry Key Delete +<p><br><a name="regcreatekey"></a> <li><strong><strong>regcreatekey</strong></strong> + <keyname> [keyclass] Registry Key Create +<p><br><a name="shutdown"></a> <li><strong><strong>shutdown</strong></strong> + [-m message] [-t timeout] [-r or --reboot] Server Shutdown +<p><br><a name="regqueryval"></a> <li><strong><strong>regqueryval</strong></strong> + <valname> Registry Value Query +<p><br><a name="regquerykey"></a> <li><strong><strong>regquerykey</strong></strong> + <keyname> Registry Key Query +<p><br><a name="regdeleteval"></a> <li><strong><strong>regdeleteval</strong></strong> + <valname> Registry Value Delete +<p><br><a name="regcreateval"></a> <li><strong><strong>regcreateval</strong></strong> + <valname> <valtype> <value> Registry Key Create +<p><br><a name="reggetsec"></a> <li><strong><strong>reggetsec</strong></strong> + <keyname> Registry Key Security +<p><br><a name="regtestsec"></a> <li><strong><strong>regtestsec</strong></strong> + <keyname> Test Registry Key Security +<p><br></ul> +<p><br><li><strong>Printing</strong> +<p><br>It is possible to use command-line completion (if you have + the GNU readline library) for Printer and job names, by + pressing the tab key. +<p><br><ul> +<p><br><a name="spoolenum"></a> <li><strong><strong>spoolenum</strong></strong> + Enumerate Printers +<p><br><a name="spooljobs"></a> <li><strong><strong>spooljobs</strong></strong> + <printer name> Enumerate Printer Jobs +<p><br><a name="spoolopen"></a> <li><strong><strong>spoolopen</strong></strong> + <printer name> Spool Printer Open Test +<p><br></ul> +<p><br><li><strong>Server</strong> +<p><br><ul> +<p><br><a name="time"></a> <li><strong><strong>time</strong></strong> + Display remote time +<p><br><a name="brsinfo"></a> <li><strong><strong>brsinfo</strong></strong> + Browser Query Info +<p><br><a name="wksinfo"></a> <li><strong><strong>wksinfo</strong></strong> + Workstation Query Info +<p><br><a name="srvinfo"></a> <li><strong><strong>srvinfo</strong></strong> + Server Query Info +<p><br><a name="srvsessions"></a> <li><strong><strong>srvsessions</strong></strong> + List sessions on a server +<p><br><a name="srvshares"></a> <li><strong><strong>srvshares</strong></strong> + List shares on a server +<p><br><a name="srvtransports"></a> <li><strong><strong>srvtransports</strong></strong> + List transports on a server +<p><br><a name="srvconnections"></a> <li><strong><strong>srvconnections</strong></strong> + List connections on a server +<p><br><a name="srvfiles"></a> <li><strong><strong>srvfiles</strong></strong> + List files on a server +<p><br></ul> +<p><br><li><strong>Local Security Authority</strong> +<p><br><ul> +<p><br><a name="lsaquery"></a> <li><strong><strong>lsaquery</strong></strong> + Query Info Policy (domain member or server) +<p><br><a name="lsaenumdomains"></a> <li><strong><strong>lsaenumdomains</strong></strong> + Enumerate Trusted Domains +<p><br><a name="lookupsids"></a> <li><strong><strong>lookupsids</strong></strong> + Resolve names from SIDs +<p><br><a name="lookupnames"></a> <li><strong><strong>lookupnames</strong></strong> + Resolve SIDs from names +<p><br><a name="querysecret"></a> <li><strong><strong>querysecret</strong></strong> + LSA Query Secret (developer use) +<p><br></ul> +<p><br><li><strong>NETLOGON</strong> +<p><br><ul> +<p><br><a name="ntlogin"></a> <li><strong><strong>ntlogin</strong></strong> + [username] [password] NT Domain login test +<p><br><a name="domtrust"></a> <li><strong><strong>domtrust</strong></strong> + <domain> NT Inter-Domain test +<p><br><a name="samsync"></a> <li><strong><strong>samsync</strong></strong> + SAM Synchronization Test (experimental) +<p><br></ul> +<p><br><li><strong>SAM Database</strong> +<p><br>It is possible to use command-line completion (if you have + the GNU readline library) for user, group, alias and domain + names, by pressing the tab key. +<p><br><ul> +<p><br><a name="lookupdomain"></a> <li><strong><strong>lookupdomain</strong></strong> + Obtain SID for a local domain +<p><br><a name="enumusers"></a> <li><strong><strong>enumusers</strong></strong> + SAM User Database Query (experimental!) +<p><br><a name="addgroupmem"></a> <li><strong><strong>addgroupmem</strong></strong> + <group rid> [user] [user] ... SAM Add Domain Group Member +<p><br><a name="addaliasmem"></a> <li><strong><strong>addaliasmem</strong></strong> + <alias rid> [member sid1] [member sid2] ... SAM Add Domain Alias Member +<p><br><a name="delgroupmem"></a> <li><strong><strong>delgroupmem</strong></strong> + <group rid> [user] [user] ... SAM Delete Domain Group Member +<p><br><a name="delaliasmem"></a> <li><strong><strong>delaliasmem</strong></strong> + <alias rid> [member sid1] [member sid2] ... SAM Delete Domain Alias Member +<p><br><a name="creategroup"></a> <li><strong><strong>creategroup</strong></strong> + SAM Create Domain Group +<p><br><a name="createalias"></a> <li><strong><strong>createalias</strong></strong> + SAM Create Domain Alias +<p><br><a name="createuser"></a> <li><strong><strong>createuser</strong></strong> + <username> SAM Create Domain User +<p><br><a name="delgroup"></a> <li><strong><strong>delgroup</strong></strong> + SAM Delete Domain Group +<p><br><a name="delalias"></a> <li><strong><strong>delalias</strong></strong> + SAM Delete Domain Alias +<p><br><a name="ntpass"></a> <li><strong><strong>ntpass</strong></strong> + NT SAM Password Change +<p><br><a name="samuserset2"></a> <li><strong><strong>samuserset2</strong></strong> + <username> [-s acb_bits] SAM User Set Info 2 (experimental!) +<p><br><a name="samuserset"></a> <li><strong><strong>samuserset</strong></strong> + <username> [-p password] SAM User Set Info (experimental!) +<p><br><a name="samuser"></a> <li><strong><strong>samuser</strong></strong> + <username> SAM User Query (experimental!) +<p><br><a name="samgroup"></a> <li><strong><strong>samgroup</strong></strong> + <groupname> SAM Group Query (experimental!) +<p><br><a name="samalias"></a> <li><strong><strong>samalias</strong></strong> + <aliasname> SAM Alias Query +<p><br><a name="samaliasmem"></a> <li><strong><strong>samaliasmem</strong></strong> + <aliasname> SAM Alias Members +<p><br><a name="samgroupmem"></a> <li><strong><strong>samgroupmem</strong></strong> + SAM Group Members +<p><br><a name="samtest"></a> <li><strong><strong>samtest</strong></strong> + SAM User Encrypted RPC test (experimental!) +<p><br><a name="enumaliases"></a> <li><strong><strong>enumaliases</strong></strong> + SAM Aliases Database Query (experimental!) +<p><br><a name="enumdomains"></a> <li><strong><strong>enumdomains</strong></strong> + SAM Domains Database Query (experimental!) +<p><br><a name="enumgroups"></a> <li><strong><strong>enumgroups</strong></strong> + SAM Group Database Query (experimental!) +<p><br><a name="dominfo"></a> <li><strong><strong>dominfo</strong></strong> + SAM Query Domain Info +<p><br><a name="dispinfo"></a> <li><strong><strong>dispinfo</strong></strong> + SAM Query Display Info +<p><br></ul> +<p><br></ul> +<p><br><a name="NOTES"></a> +<h2>NOTES</h2> + +<p><br>Some servers are fussy about the case of supplied usernames, +passwords, share names (AKA service names) and machine names. If you +fail to connect try giving all parameters in uppercase. +<p><br>It is often necessary to use the <a href="rpcclient.1.html#minusn"><strong>-n</strong></a> option when connecting +to some types of servers. For example OS/2 LanManager insists on a valid +NetBIOS name being used, so you need to supply a valid name that would +be known to the server. +<p><br>rpcclient only works on servers that support MSRPC over SMB. This includes +all versions of Windows NT, including the ports to Unix such as AS/U and +AFPS. Support for MSRPC over SMB in other servers is currently rare and +patchy, for example Samba 2.0 only supports a limited set of MSRPC commands, +and some of those are not supported very well. +<p><br><a name="ENVIRONMENTVARIABLES"></a> +<h2>ENVIRONMENT VARIABLES</h2> + +<p><br>The variable <strong>USER</strong> may contain the username of the person using the +client. This information is used only if the protocol level is high +enough to support session-level passwords. +<p><br>The variable <strong>PASSWORD</strong> may contain the password of the person using +the client. This information is used only if the protocol level is +high enough to support session-level passwords. +<p><br><a name="INSTALLATION"></a> +<h2>INSTALLATION</h2> + +<p><br>The location of the client program is a matter for individual system +administrators. The following are thus suggestions only. +<p><br>It is recommended that the rpcclient software be installed in the +/usr/local/samba/bin or /usr/samba/bin directory, this directory +readable by all, writeable only by root. The client program itself +should be executable by all. The client should <em>NOT</em> be setuid or +setgid! +<p><br>The client log files should be put in a directory readable and +writeable only by the user. +<p><br>To test the client, you will need to know the name of a running +SMB/CIFS server. It is possible to run <a href="smbd.8.html"><strong>smbd (8)</strong></a> +an ordinary user - running that server as a daemon on a +user-accessible port (typically any port number over 1024) would +provide a suitable test server. +<p><br><a name="DIAGNOSTICS"></a> +<h2>DIAGNOSTICS</h2> + +<p><br>Most diagnostics issued by the client are logged in a specified log +file. The log file name is specified at compile time, but may be +overridden on the command line. +<p><br>The number and nature of diagnostics available depends on the debug +level used by the client. If you have problems, set the debug level to +3 and peruse the log files. +<p><br><a name="VERSION"></a> +<h2>VERSION</h2> + +<p><br>This man page is correct for version 2.0 of the Samba suite. +<p><br><a name="BUGS"></a> +<h2>BUGS</h2> + +<p><br><ul> +<li><strong>WARNING!</strong> +The MSPRC over SMB code has been developed from examining Network traces. +No documentation is available from the original creators (Microsoft) on +how MSRPC over SMB works, or how the individual MSRPC services work. +Microsoft's implementation of these services has been demonstrated (and +reported) to be... a bit flakey in places. +<p><br>The development of Samba's implementation of these services is <em>also</em> +a bit rough, and as more of the services are understood, it can even result +in versions of <a href="smbd.8.html"><strong>smbd (8)</strong></a> and rpcclient that are +incompatible for some commands or services. Additionally, the developers +are sending reports to Microsoft, and problems found by or reported to +Microsoft are fixed in Service Packs, which may also result in +incompatibilities. +<p><br>It is therefore not guaranteed that the execution of an rpcclient command will +work. It is also not guaranteed that the target server will continue to +operate, i.e the execution of an MSRPC command may cause a remote service to +fail, or even cause the remote server to fail. Usual rules apply, of course: +the developers bear absolutely no responsibility for the use, misuse, or +lack of use of rpcclient, by any person or persons, whether legal, +illegal, accidental, deliberate, intentional, malicious, curious, etc. +<p><br><li><strong>Command Completion</strong> +Command-completion (available if you have the GNU readline library) used on +certain commands may not operate correctly if the word being completed (such as a registry key) contains a space. Typically, the name will be completed, but +you will have to go back and put quotes round it, yourself. +<p><br><li><strong>SAM Database command-completion</strong> +Command-completion (available if you have the GNU readline library) of user, +group and alias names does not work on remote Domains, which would normally +be specified like this: <br> +<code>DOMAIN_name\\user_name</code>. <br> +The only names that can be completed in this fashion are the local names +in the SAM database of the target server. +<p><br></ul> +<p><br><a name="AUTHOR"></a> +<h2>AUTHOR</h2> + +<p><br>The original Samba software and related utilities were created by +Andrew Tridgell <a href="mailto:samba-bugs@samba.org"><em>samba-bugs@samba.org</em></a>. Samba is now developed +by the Samba Team as an Open Source project similar to the way the +Linux kernel is developed. +<p><br>The original Samba man pages were written by Karl Auer. The man page +sources were converted to YODL format (another excellent piece of Open +Source software, available at +<a href="ftp://ftp.icce.rug.nl/pub/unix/"><strong>ftp://ftp.icce.rug.nl/pub/unix/</strong></a>) +and updated for the Samba2.0 release by Jeremy Allison. This man page +was developed cut-and-paste style from the smbclient man page, by +Luke Kenneth Casson Leighton. +<a href="mailto:samba-bugs@samba.org"><em>samba-bugs@samba.org</em></a>. +<p><br>See <a href="samba.7.html"><strong>samba (7)</strong></a> to find out how to get a full +list of contributors and details on how to submit bug reports, +comments etc. +<p><br></body> +</html> |