diff options
Diffstat (limited to 'docs/manpages/net.8.xml')
-rw-r--r-- | docs/manpages/net.8.xml | 905 |
1 files changed, 905 insertions, 0 deletions
diff --git a/docs/manpages/net.8.xml b/docs/manpages/net.8.xml new file mode 100644 index 0000000000..21dc54d452 --- /dev/null +++ b/docs/manpages/net.8.xml @@ -0,0 +1,905 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="net.8"> + +<refmeta> + <refentrytitle>net</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>net</refname> + <refpurpose>Tool for administration of Samba and remote + CIFS servers. + </refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>net</command> + <arg choice="req"><ads|rap|rpc></arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-w workgroup</arg> + <arg choice="opt">-W myworkgroup</arg> + <arg choice="opt">-U user</arg> + <arg choice="opt">-I ip-address</arg> + <arg choice="opt">-p port</arg> + <arg choice="opt">-n myname</arg> + <arg choice="opt">-s conffile</arg> + <arg choice="opt">-S server</arg> + <arg choice="opt">-l</arg> + <arg choice="opt">-P</arg> + <arg choice="opt">-D debuglevel</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The samba net utility is meant to work just like the net utility + available for windows and DOS. The first argument should be used + to specify the protocol to use when executing a certain command. + ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3) + clients and RPC can be used for NT4 and Windows 2000. If this + argument is omitted, net will try to determine it automatically. + Not all commands are available on all protocols. + </para> + +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + &stdarg.help; + + <varlistentry> + <term>-w target-workgroup</term> + <listitem><para> + Sets target workgroup or domain. You have to specify + either this option or the IP address or the name of a server. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-W workgroup</term> + <listitem><para> + Sets client workgroup or domain + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-U user</term> + <listitem><para> + User name to use + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-I ip-address</term> + <listitem><para> + IP address of target server to use. You have to + specify either this option or a target workgroup or + a target server. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-p port</term> + <listitem><para> + Port on the target server to connect to (usually 139 or 445). + Defaults to trying 445 first, then 139. + </para></listitem> + </varlistentry> + + &stdarg.netbios.name; + &stdarg.configfile; + + <varlistentry> + <term>-S server</term> + <listitem><para> + Name of target server. You should specify either + this option or a target workgroup or a target IP address. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-l</term> + <listitem><para> + When listing data, give more information on each item. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-P</term> + <listitem><para> + Make queries to the external server using the machine account of the local server. + </para></listitem> + </varlistentry> + + &stdarg.debug; + </variablelist> +</refsect1> + +<refsect1> +<title>COMMANDS</title> + +<refsect2> +<title>CHANGESECRETPW</title> + +<para>This command allows the Samba machine account password to be set from an external application +to a machine account password that has already been stored in Active Directory. DO NOT USE this command +unless you know exactly what you are doing. The use of this command requires that the force flag (-f) +be used also. There will be NO command prompt. Whatever information is piped into stdin, either by +typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use +this without care and attention as it will overwrite a legitimate machine password without warning. +YOU HAVE BEEN WARNED. +</para> + +</refsect2> + +<refsect2> + <title>TIME</title> + + <para>The <command>NET TIME</command> command allows you to view the time on a remote server + or synchronise the time on the local server with the time on the remote server.</para> + +<refsect3> +<title>TIME</title> + +<para>Without any options, the <command>NET TIME</command> command +displays the time on the remote server. +</para> + +</refsect3> + +<refsect3> +<title>TIME SYSTEM</title> + +<para>Displays the time on the remote server in a format ready for <command>/bin/date</command></para> + +</refsect3> + +<refsect3> +<title>TIME SET</title> +<para>Tries to set the date and time of the local server to that on +the remote server using <command>/bin/date</command>. </para> + +</refsect3> + +<refsect3> +<title>TIME ZONE</title> + +<para>Displays the timezone in hours from GMT on the remote computer.</para> + +</refsect3> +</refsect2> + +<refsect2> +<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [options]</title> + +<para> +Join a domain. If the account already exists on the server, and +[TYPE] is MEMBER, the machine will attempt to join automatically. +(Assuming that the machine has been created in server manager) +Otherwise, a password will be prompted for, and a new account may +be created.</para> + +<para> +[TYPE] may be PDC, BDC or MEMBER to specify the type of server +joining the domain. +</para> +</refsect2> + +<refsect2> +<title>[RPC] OLDJOIN [options]</title> + +<para>Join a domain. Use the OLDJOIN option to join the domain +using the old style of domain joining - you need to create a trust +account in server manager first.</para> +</refsect2> + +<refsect2> +<title>[RPC|ADS] USER</title> + +<refsect3> +<title>[RPC|ADS] USER DELETE <replaceable>target</replaceable></title> + +<para>Delete specified user</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] USER LIST</title> + +<para>List all users</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] USER INFO <replaceable>target</replaceable></title> + +<para>List the domain groups of a the specified user.</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] USER ADD <replaceable>name</replaceable> [password] [-F user flags] [-C comment]</title> + +<para>Add specified user.</para> +</refsect3> +</refsect2> + +<refsect2> +<title>[RPC|ADS] GROUP</title> + +<refsect3> +<title>[RPC|ADS] GROUP [misc options] [targets]</title> +<para>List user groups.</para> +</refsect3> + +<refsect3> +<title>[RPC|ADS] GROUP DELETE <replaceable>name</replaceable> [misc. options]</title> + +<para>Delete specified group.</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] GROUP ADD <replaceable>name</replaceable> [-C comment]</title> + +<para>Create specified group.</para> + +</refsect3> +</refsect2> + +<refsect2> +<title>[RAP|RPC] SHARE</title> + +<refsect3> +<title>[RAP|RPC] SHARE [misc. options] [targets]</title> + +<para>Enumerates all exported resources (network shares) on target server.</para> + +</refsect3> + +<refsect3> +<title>[RAP|RPC] SHARE ADD <replaceable>name=serverpath</replaceable> [-C comment] [-M maxusers] [targets]</title> + +<para>Adds a share from a server (makes the export active). Maxusers +specifies the number of users that can be connected to the +share simultaneously.</para> + +</refsect3> + +<refsect3> +<title>SHARE DELETE <replaceable>sharenam</replaceable></title> + +<para>Delete specified share.</para> +</refsect3> +</refsect2> + +<refsect2> +<title>[RPC|RAP] FILE</title> + +<refsect3> +<title>[RPC|RAP] FILE</title> + +<para>List all open files on remote server.</para> + +</refsect3> + +<refsect3> +<title>[RPC|RAP] FILE CLOSE <replaceable>fileid</replaceable></title> + +<para>Close file with specified <replaceable>fileid</replaceable> on +remote server.</para> + +</refsect3> + +<refsect3> +<title>[RPC|RAP] FILE INFO <replaceable>fileid</replaceable></title> + +<para> +Print information on specified <replaceable>fileid</replaceable>. +Currently listed are: file-id, username, locks, path, permissions. +</para> + +</refsect3> + +<refsect3> +<title>[RAP|RPC] FILE USER</title> + +¬.implemented; + +</refsect3> + +</refsect2> + +<refsect2> +<title>SESSION</title> + +<refsect3> +<title>RAP SESSION</title> + +<para>Without any other options, SESSION enumerates all active SMB/CIFS +sessions on the target server.</para> + +</refsect3> + +<refsect3> +<title>RAP SESSION DELETE|CLOSE <replaceable>CLIENT_NAME</replaceable></title> + +<para>Close the specified sessions.</para> + +</refsect3> + +<refsect3> +<title>RAP SESSION INFO <replaceable>CLIENT_NAME</replaceable></title> + +<para>Give a list with all the open files in specified session.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP SERVER <replaceable>DOMAIN</replaceable></title> + +<para>List all servers in specified domain or workgroup. Defaults +to local domain.</para> + +</refsect2> + +<refsect2> +<title>RAP DOMAIN</title> + +<para>Lists all domains and workgroups visible on the +current network.</para> + +</refsect2> + +<refsect2> +<title>RAP PRINTQ</title> + +<refsect3> +<title>RAP PRINTQ LIST <replaceable>QUEUE_NAME</replaceable></title> + +<para>Lists the specified print queue and print jobs on the server. +If the <replaceable>QUEUE_NAME</replaceable> is omitted, all +queues are listed.</para> + +</refsect3> + +<refsect3> +<title>RAP PRINTQ DELETE <replaceable>JOBID</replaceable></title> + +<para>Delete job with specified id.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP VALIDATE <replaceable>user</replaceable> [<replaceable>password</replaceable>]</title> + +<para> +Validate whether the specified user can log in to the +remote server. If the password is not specified on the commandline, it +will be prompted. +</para> + +¬.implemented; + +</refsect2> + +<refsect2> +<title>RAP GROUPMEMBER</title> + +<refsect3> +<title>RAP GROUPMEMBER LIST <replaceable>GROUP</replaceable></title> + +<para>List all members of the specified group.</para> + +</refsect3> + +<refsect3> +<title>RAP GROUPMEMBER DELETE <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title> + +<para>Delete member from group.</para> + +</refsect3> + +<refsect3> +<title>RAP GROUPMEMBER ADD <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title> + +<para>Add member to group.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP ADMIN <replaceable>command</replaceable></title> + +<para>Execute the specified <replaceable>command</replaceable> on +the remote server. Only works with OS/2 servers. +</para> + +¬.implemented; + +</refsect2> + +<refsect2> +<title>RAP SERVICE</title> + +<refsect3> +<title>RAP SERVICE START <replaceable>NAME</replaceable> [arguments...]</title> + +<para>Start the specified service on the remote server. Not implemented yet.</para> + +¬.implemented; + +</refsect3> + +<refsect3> +<title>RAP SERVICE STOP</title> + +<para>Stop the specified service on the remote server.</para> + +¬.implemented; + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP PASSWORD <replaceable>USER</replaceable> <replaceable>OLDPASS</replaceable> <replaceable>NEWPASS</replaceable></title> + +<para> +Change password of <replaceable>USER</replaceable> from <replaceable>OLDPASS</replaceable> to <replaceable>NEWPASS</replaceable>. +</para> + +</refsect2> + +<refsect2> +<title>LOOKUP</title> + +<refsect3> +<title>LOOKUP HOST <replaceable>HOSTNAME</replaceable> [<replaceable>TYPE</replaceable>]</title> + +<para> +Lookup the IP address of the given host with the specified type (netbios suffix). +The type defaults to 0x20 (workstation). +</para> + +</refsect3> + +<refsect3> +<title>LOOKUP LDAP [<replaceable>DOMAIN</replaceable></title> + +<para>Give IP address of LDAP server of specified <replaceable>DOMAIN</replaceable>. Defaults to local domain.</para> + +</refsect3> + +<refsect3> +<title>LOOKUP KDC [<replaceable>REALM</replaceable>]</title> + +<para>Give IP address of KDC for the specified <replaceable>REALM</replaceable>. +Defaults to local realm.</para> + +</refsect3> + +<refsect3> +<title>LOOKUP DC [<replaceable>DOMAIN</replaceable>]</title> + +<para>Give IP's of Domain Controllers for specified <replaceable> +DOMAIN</replaceable>. Defaults to local domain.</para> + +</refsect3> + +<refsect3> +<title>LOOKUP MASTER <replaceable>DOMAIN</replaceable></title> + +<para>Give IP of master browser for specified <replaceable>DOMAIN</replaceable> +or workgroup. Defaults to local domain.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>CACHE</title> + +<para>Samba uses a general caching interface called 'gencache'. It +can be controlled using 'NET CACHE'.</para> + +<para>All the timeout parameters support the suffixes: + +<simplelist> +<member>s - Seconds</member> +<member>m - Minutes</member> +<member>h - Hours</member> +<member>d - Days</member> +<member>w - Weeks</member> +</simplelist> + +</para> + +<refsect3> +<title>CACHE ADD <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title> + +<para>Add specified key+data to the cache with the given timeout.</para> + +</refsect3> + +<refsect3> +<title>CACHE DEL <replaceable>key</replaceable></title> + +<para>Delete key from the cache.</para> + +</refsect3> + +<refsect3> +<title>CACHE SET <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title> + +<para>Update data of existing cache entry.</para> + +</refsect3> + +<refsect3> +<title>CACHE SEARCH <replaceable>PATTERN</replaceable></title> + +<para>Search for the specified pattern in the cache data.</para> + +</refsect3> + +<refsect3> +<title>CACHE LIST</title> + +<para> +List all current items in the cache. +</para> + +</refsect3> + +<refsect3> +<title>CACHE FLUSH</title> + +<para>Remove all the current items from the cache.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>GETLOCALSID [DOMAIN]</title> + +<para>Print the SID of the specified domain, or if the parameter is +omitted, the SID of the domain the local server is in.</para> + +</refsect2> + +<refsect2> +<title>SETLOCALSID S-1-5-21-x-y-z</title> + +<para>Sets domain sid for the local server to the specified SID.</para> + +</refsect2> + +<refsect2> +<title>GROUPMAP</title> + +<para>Manage the mappings between Windows group SIDs and UNIX groups. +Parameters take the for "parameter=value". Common options include:</para> + +<itemizedlist> +<listitem><para>unixgroup - Name of the UNIX group</para></listitem> +<listitem><para>ntgroup - Name of the Windows NT group (must be + resolvable to a SID</para></listitem> +<listitem><para>rid - Unsigned 32-bit integer</para></listitem> +<listitem><para>sid - Full SID in the form of "S-1-..."</para></listitem> +<listitem><para>type - Type of the group; either 'domain', 'local', + or 'builtin'</para></listitem> +<listitem><para>comment - Freeform text description of the group</para></listitem> +</itemizedlist> + +<refsect3> +<title>GROUPMAP ADD</title> + +<para>Add a new group mapping entry</para> + +<para>net groupmap add {rid=int|sid=string} unixgroup=string [type={domain|local|builtin}] [ntgroup=string] [comment=string]</para> + +</refsect3> + +<refsect3> +<title>GROUPMAP DELETE</title> + +<para>Delete a group mapping entry</para> + +<para>net groupmap delete {ntgroup=string|sid=SID}</para> + +</refsect3> + +<refsect3> +<title>GROUPMAP MODIFY</title> + +<para>Update en existing group entry</para> + +<para>net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] [comment=string] [type={domain|local}</para> +</refsect3> + +<refsect3> +<title>GROUPMAP LIST</title> + +<para>List existing group mapping entries</para> + +<para>net groupmap list [verbose] [ntgroup=string] [sid=SID]</para> + +</refsect3> +</refsect2> + + + +<refsect2> +<title>MAXRID</title> + +<para>Prints out the highest RID currently in use on the local +server (by the active 'passdb backend'). +</para> + +</refsect2> + +<refsect2> +<title>RPC INFO</title> + +<para>Print information about the domain of the remote server, +such as domain name, domain sid and number of users and groups. +</para> + +</refsect2> + +<refsect2> +<title>[RPC|ADS] TESTJOIN</title> + +<para>Check whether participation in a domain is still valid.</para> + +</refsect2> + +<refsect2> +<title>[RPC|ADS] CHANGETRUSTPW</title> + +<para>Force change of domain trust password.</para> + +</refsect2> + +<refsect2> +<title>RPC TRUSTDOM</title> + +<refsect3> +<title>RPC TRUSTDOM ADD <replaceable>DOMAIN</replaceable></title> + +<para>Add a interdomain trust account for +<replaceable>DOMAIN</replaceable> to the remote server. +</para> + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM DEL <replaceable>DOMAIM</replaceable></title> + +<para>Remove interdomain trust account for +<replaceable>DOMAIN</replaceable> from the remote server. +</para> + +¬.implemented; + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM ESTABLISH <replaceable>DOMAIN</replaceable></title> + +<para> +Establish a trust relationship to a trusting domain. +Interdomain account must already be created on the remote PDC. +</para> + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM REVOKE <replaceable>DOMAIN</replaceable></title> +<para>Abandon relationship to trusted domain</para> + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM LIST</title> + +<para>List all current interdomain trust relationships.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RPC ABORTSHUTDOWN</title> + +<para>Abort the shutdown of a remote server.</para> + +</refsect2> + +<refsect2> +<title>SHUTDOWN [-t timeout] [-r] [-f] [-C message]</title> + +<para>Shut down the remote server.</para> + +<variablelist> +<varlistentry> +<term>-r</term> +<listitem><para> +Reboot after shutdown. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>-f</term> +<listitem><para> +Force shutting down all applications. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>-t timeout</term> +<listitem><para> +Timeout before system will be shut down. An interactive +user of the system can use this time to cancel the shutdown. +</para></listitem> +</varlistentry>'> + +<varlistentry> +<term>-C message</term> +<listitem><para>Display the specified message on the screen to +announce the shutdown.</para></listitem> +</varlistentry> +</variablelist> + +</refsect2> + +<refsect2> +<title>SAMDUMP</title> + +<para>Print out sam database of remote server. You need +to run this on either a BDC. <!-- +Is that correct? - Jelmer --></para> +</refsect2> + +<refsect2> +<title>VAMPIRE</title> + +<para>Export users, aliases and groups from remote server to +local server. Can only be run an a BDC. +</para> + +</refsect2> + +<refsect2> +<title>GETSID</title> + +<para>Fetch domain SID and store it in the local <filename>secrets.tdb</filename>. </para> + +</refsect2> + +<refsect2> +<title>ADS LEAVE</title> + +<para>Make the remote host leave the domain it is part of. </para> + +</refsect2> + +<refsect2> +<title>ADS STATUS</title> + +<para>Print out status of machine account of the local machine in ADS. +Prints out quite some debug info. Aimed at developers, regular +users should use <command>NET ADS TESTJOIN</command>.</para> + +</refsect2> + +<refsect2> +<title>ADS PRINTER</title> + +<refsect3> +<title>ADS PRINTER INFO [<replaceable>PRINTER</replaceable>] [<replaceable>SERVER</replaceable>]</title> + +<para> +Lookup info for <replaceable>PRINTER</replaceable> on <replaceable>SERVER</replaceable>. The printer name defaults to "*", the +server name defaults to the local host.</para> + +</refsect3> + +<refsect3> +<title>ADS PRINTER PUBLISH <replaceable>PRINTER</replaceable></title> + +<para>Publish specified printer using ADS.</para> + +</refsect3> + +<refsect3> +<title>ADS PRINTER REMOVE <replaceable>PRINTER</replaceable></title> + +<para>Remove specified printer from ADS directory.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>ADS SEARCH <replaceable>EXPRESSION</replaceable> <replaceable>ATTRIBUTES...</replaceable></title> + +<para>Perform a raw LDAP search on a ADS server and dump the results. The +expression is a standard LDAP search expression, and the +attributes are a list of LDAP fields to show in the results.</para> + +<para>Example: <userinput>net ads search '(objectCategory=group)' sAMAccountName</userinput> +</para> + +</refsect2> + +<refsect2> +<title>ADS DN <replaceable>DN</replaceable> <replaceable>(attributes)</replaceable></title> + +<para> +Perform a raw LDAP search on a ADS server and dump the results. The +DN standard LDAP DN, and the attributes are a list of LDAP fields +to show in the result. +</para> + +<para>Example: <userinput>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</userinput></para> + +</refsect2> + +<refsect2> +<title>WORKGROUP</title> + +<para>Print out workgroup name for specified kerberos realm.</para> + +</refsect2> + + +<refsect2> +<title>HELP [COMMAND]</title> + +<para>Gives usage information for the specified command.</para> + +</refsect2> + +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is complete for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The net manpage was written by Jelmer Vernooij.</para> + +</refsect1> + +</refentry> |