diff options
Diffstat (limited to 'docs/manpages')
38 files changed, 9711 insertions, 0 deletions
diff --git a/docs/manpages/.cvsignore b/docs/manpages/.cvsignore new file mode 100644 index 0000000000..90c11de0f9 --- /dev/null +++ b/docs/manpages/.cvsignore @@ -0,0 +1 @@ +smb.conf.5.xml diff --git a/docs/manpages/editreg.1.xml b/docs/manpages/editreg.1.xml new file mode 100644 index 0000000000..0a6b36bcf0 --- /dev/null +++ b/docs/manpages/editreg.1.xml @@ -0,0 +1,87 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="editreg.1"> + +<refmeta> + <refentrytitle>editreg</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>editreg</refname> + <refpurpose>A utility to report and change SIDs in registry files + </refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>editreg</command> + <arg choice="opt">-v</arg> + <arg choice="opt">-c file</arg> + <arg choice="req">file</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>editreg</command> is a utility that + can visualize windows registry files (currently only NT4) and apply + so-called commandfiles to them. + </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>registry_file</term> + <listitem><para>Registry file to view or edit. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-v,--verbose</term> + <listitem><para>Increases verbosity of messages. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-c commandfile</term> + <listitem><para>Read commands to execute on <filename>registry_file</filename> from <filename>commandfile</filename>. Currently not yet supported! + </para></listitem> + </varlistentry> + + &stdarg.help; + + </variablelist> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The editreg man page was written by Jelmer Vernooij. </para> +</refsect1> + +</refentry> diff --git a/docs/manpages/findsmb.1.xml b/docs/manpages/findsmb.1.xml new file mode 100644 index 0000000000..8a89b2ce24 --- /dev/null +++ b/docs/manpages/findsmb.1.xml @@ -0,0 +1,152 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="findsmb.1"> + +<refmeta> + <refentrytitle>findsmb</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>findsmb</refname> + <refpurpose>list info about machines that respond to SMB + name queries on a subnet</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>findsmb</command> + <arg choice="opt">subnet broadcast address</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This perl script is part of the <citerefentry> + <refentrytitle>Samba</refentrytitle><manvolnum>7</manvolnum></citerefentry> + suite.</para> + + <para><command>findsmb</command> is a perl script that + prints out several pieces of information about machines + on a subnet that respond to SMB name query requests. + It uses <citerefentry><refentrytitle>nmblookup</refentrytitle><manvolnum>1</manvolnum></citerefentry> + and <citerefentry><refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum></citerefentry> + to obtain this information. + </para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-r</term> + <listitem><para>Controls whether <command>findsmb</command> takes + bugs in Windows95 into account when trying to find a Netbios name + registered of the remote machine. This option is disabled by default + because it is specific to Windows 95 and Windows 95 machines only. + If set, <citerefentry><refentrytitle>nmblookup</refentrytitle><manvolnum>1</manvolnum></citerefentry> + will be called with <constant>-B</constant> option.</para></listitem> + </varlistentry> + <varlistentry> + <term>subnet broadcast address</term> + <listitem><para>Without this option, <command>findsmb + </command> will probe the subnet of the machine where + <citerefentry><refentrytitle>findsmb</refentrytitle><manvolnum>1</manvolnum></citerefentry> + is run. This value is passed to + <citerefentry><refentrytitle>nmblookup</refentrytitle><manvolnum>1</manvolnum></citerefentry> + as part of the <constant>-B</constant> option.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>EXAMPLES</title> + + <para>The output of <command>findsmb</command> lists the following + information for all machines that respond to the initial + <command>nmblookup</command> for any name: IP address, NetBIOS name, + Workgroup name, operating system, and SMB server version.</para> + + <para>There will be a '+' in front of the workgroup name for + machines that are local master browsers for that workgroup. There + will be an '*' in front of the workgroup name for + machines that are the domain master browser for that workgroup. + Machines that are running Windows, Windows 95 or Windows 98 will + not show any information about the operating system or server + version.</para> + + <para>The command with <constant>-r</constant> option + must be run on a system without <citerefentry> + <refentrytitle>nmbd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> running. + + If <command>nmbd</command> is running on the system, you will + only get the IP address and the DNS name of the machine. To + get proper responses from Windows 95 and Windows 98 machines, + the command must be run as root and with <constant>-r</constant> + option on a machine without <command>nmbd</command> running.</para> + + <para>For example, running <command>findsmb</command> + without <constant>-r</constant> option set would yield output similar + to the following</para> + +<screen> +IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION +--------------------------------------------------------------------- +192.168.35.10 MINESET-TEST1 [DMVENGR] +192.168.35.55 LINUXBOX *[MYGROUP] [Unix] [Samba 2.0.6] +192.168.35.56 HERBNT2 [HERB-NT] +192.168.35.63 GANDALF [MVENGR] [Unix] [Samba 2.0.5a for IRIX] +192.168.35.65 SAUNA [WORKGROUP] [Unix] [Samba 1.9.18p10] +192.168.35.71 FROGSTAR [ENGR] [Unix] [Samba 2.0.0 for IRIX] +192.168.35.78 HERBDHCP1 +[HERB] +192.168.35.88 SCNT2 +[MVENGR] [Windows NT 4.0] [NT LAN Manager 4.0] +192.168.35.93 FROGSTAR-PC [MVENGR] [Windows 5.0] [Windows 2000 LAN Manager] +192.168.35.97 HERBNT1 *[HERB-NT] [Windows NT 4.0] [NT LAN Manager 4.0] +</screen> + +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>nmbd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry><refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, and <citerefentry><refentrytitle>nmblookup</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> + </para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink + url="ftp://ftp.icce.rug.nl/pub/unix/">ftp://ftp.icce.rug.nl/pub/unix/</ulink>) + and updated for the Samba 2.0 release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook + XML 4.2 for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/lmhosts.5.xml b/docs/manpages/lmhosts.5.xml new file mode 100644 index 0000000000..afee69bc96 --- /dev/null +++ b/docs/manpages/lmhosts.5.xml @@ -0,0 +1,127 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="lmhosts.5"> + +<refmeta> + <refentrytitle>lmhosts</refentrytitle> + <manvolnum>5</manvolnum> +</refmeta> + + +<refnamediv> + <refname>lmhosts</refname> + <refpurpose>The Samba NetBIOS hosts file</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <para><filename>lmhosts</filename> is the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> NetBIOS name to IP address mapping file.</para> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This file is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><filename>lmhosts</filename> is the <emphasis>Samba + </emphasis> NetBIOS name to IP address mapping file. It + is very similar to the <filename>/etc/hosts</filename> file + format, except that the hostname component must correspond + to the NetBIOS naming format.</para> +</refsect1> + +<refsect1> + <title>FILE FORMAT</title> + <para>It is an ASCII file containing one line for NetBIOS name. + The two fields on each line are separated from each other by + white space. Any entry beginning with '#' is ignored. Each line + in the lmhosts file contains the following information:</para> + + <itemizedlist> + <listitem><para>IP Address - in dotted decimal format.</para> + </listitem> + + <listitem><para>NetBIOS Name - This name format is a + maximum fifteen character host name, with an optional + trailing '#' character followed by the NetBIOS name type + as two hexadecimal digits.</para> + + <para>If the trailing '#' is omitted then the given IP + address will be returned for all names that match the given + name, whatever the NetBIOS name type in the lookup.</para> + </listitem> + </itemizedlist> + + <para>An example follows:</para> + + <programlisting> +# +# Sample Samba lmhosts file. +# +192.9.200.1 TESTPC +192.9.200.20 NTSERVER#20 +192.9.200.21 SAMBASERVER + </programlisting> + + <para>Contains three IP to NetBIOS name mappings. The first + and third will be returned for any queries for the names "TESTPC" + and "SAMBASERVER" respectively, whatever the type component of + the NetBIOS name requested.</para> + + <para>The second mapping will be returned only when the "0x20" name + type for a name "NTSERVER" is queried. Any other name type will not + be resolved.</para> + + <para>The default location of the <filename>lmhosts</filename> file + is in the same directory as the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file.</para> + +</refsect1> + +<refsect1> + <title>FILES</title> + + <para>lmhosts is loaded from the configuration directory. This is + usually <filename>/etc/samba</filename> or <filename>/usr/local/samba/lib</filename>. + </para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, and <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> + </para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at + <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook + XML 4.2 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/log2pcap.1.xml b/docs/manpages/log2pcap.1.xml new file mode 100644 index 0000000000..e8c03c5dc1 --- /dev/null +++ b/docs/manpages/log2pcap.1.xml @@ -0,0 +1,138 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="log2pcap.1"> + +<refmeta> + <refentrytitle>log2pcap</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>log2pcap</refname> + <refpurpose>Extract network traces from Samba log files</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>log2pcap</command> + <arg choice="opt">-h</arg> + <arg choice="opt">-q</arg> + <arg choice="opt">logfile</arg> + <arg choice="opt">pcap_file</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>log2pcap</command> reads in a + samba log file and generates a pcap file (readable + by most sniffers, such as ethereal or tcpdump) based on the packet + dumps in the log file.</para> + + <para>The log file must have a <parameter>log level</parameter> + of at least <constant>5</constant> to get the SMB header/parameters + right, <constant>10</constant> to get the first 512 data bytes of the + packet and <constant>50</constant> to get the whole packet. + </para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-h</term> + <listitem><para>If this parameter is + specified the output file will be a + hex dump, in a format that is readable + by the <application>text2pcap</application> utility.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-q</term> + <listitem><para>Be quiet. No warning messages about missing + or incomplete data will be given.</para></listitem> + </varlistentry> + + <varlistentry> + <term>logfile</term> + <listitem><para> + Samba log file. log2pcap will try to read the log from stdin + if the log file is not specified. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>pcap_file</term> + <listitem><para> + Name of the output file to write the pcap (or hexdump) data to. + If this argument is not specified, output data will be written + to stdout. + </para></listitem> + </varlistentry> + + &stdarg.help; + + </variablelist> +</refsect1> + +<refsect1> + <title>EXAMPLES</title> + + <para>Extract all network traffic from all samba log files:</para> + + <para><screen> + <prompt>$</prompt> log2pcap < /var/log/* > trace.pcap + </screen></para> + + <para>Convert to pcap using text2pcap:</para> + + <para><screen> + <prompt>$</prompt> log2pcap -h samba.log | text2pcap -T 139,139 - trace.pcap + </screen></para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>BUGS</title> + + <para>Only SMB data is extracted from the samba logs, no LDAP, + NetBIOS lookup or other data.</para> + + <para>The generated TCP and IP headers don't contain a valid + checksum.</para> + +</refsect1> + + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>text2pcap</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>ethereal</refentrytitle><manvolnum>1</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>This manpage was written by Jelmer Vernooij.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/mount.cifs.8.xml b/docs/manpages/mount.cifs.8.xml new file mode 100644 index 0000000000..d674d03cac --- /dev/null +++ b/docs/manpages/mount.cifs.8.xml @@ -0,0 +1,306 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="mount.cifs.8"> + +<refmeta> + <refentrytitle>mount.cifs</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>mount.cifs</refname> + <refpurpose>mount using the Common Internet File System (CIFS)</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + + <command>mount.cifs</command> + <arg choice="req">service</arg> + <arg choice="req">mount-point</arg> + <arg choice="opt">-o options</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>mount.cifs mounts a Linux CIFS filesystem. It +is usually invoked indirectly by +the <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>8</manvolnum></citerefentry> command when using the +"-t cifs" option. This command only works in Linux, and the kernel must +support the cifs filesystem. The CIFS protocol is the successor to the +SMB protocol and is supported by most Windows servers and many other +commercial servers and Network Attached Storage appliances as well as +by the popular Open Source server Samba. + </para> + + <para> + The mount.cifs utility attaches the UNC name (exported network resource) to + the local directory <emphasis>mount-point</emphasis>. It is possible to set the mode for mount.cifs to +setuid root to allow non-root users to mount shares to directories for which they +have write permission. + </para> + + <para> + Options to <emphasis>mount.cifs</emphasis> are specified as a comma-separated +list of key=value pairs. It is possible to send options other +than those listed here, assuming that cifs filesystem supports them. +Unrecognized cifs mount options passed to the cifs vfs kernel code will be logged to the +kernel log. + + </para> + + <para><emphasis>mount.cifs</emphasis> causes the cifs vfs to launch a thread named cifsd. After mounting it keeps running until + the mounted resource is unmounted (usually via the umount utility). + </para> + +</refsect1> + +<refsect1> + <title>OPTIONS</title> + <variablelist> + <varlistentry><term>user=<replaceable>arg</replaceable></term> + + <listitem><para>specifies the username to connect as. If + this is not given, then the environment variable <emphasis>USER</emphasis> is used. This option can also take the +form "user%password" or "user/workgroup" or +"user/workgroup%password" to allow the password and workgroup +to be specified as part of the username. + </para> + +<note> + <para> + The cifs vfs accepts the parameter <parameter>user=</parameter>, or for users familiar with smbfs it accepts the longer form of the parameter <parameter>username=</parameter>. Similarly the longer smbfs style parameter names may be accepted as synonyms for the shorter cifs parameters <parameter>pass=</parameter>,<parameter>dom=</parameter> and <parameter>cred=</parameter>. + </para> +</note> + + </listitem> + </varlistentry> + + <varlistentry><term>password=<replaceable>arg</replaceable></term> + + <listitem><para>specifies the CIFS password. If this +option is not given then the environment variable +<emphasis>PASSWD</emphasis> is used. If the password is not specified +directly or indirectly via an argument to mount <emphasis>mount.cifs</emphasis> will prompt +for a password, unless the guest option is specified. +</para> + +<para>Note that a password which contains the delimiter +character (i.e. a comma ',') will fail to be parsed correctly +on the command line. However, the same password defined +in the PASSWD environment variable or via a credentials file (see +below) will be read correctly. +</para> + </listitem></varlistentry> + + <varlistentry><term>credentials=<replaceable>filename</replaceable></term> + + <listitem><para> + specifies a file that contains a username + and/or password. The format of the file is: + </para> + +<programlisting> + username = <replaceable>value</replaceable> + password = <replaceable>value</replaceable> +</programlisting> + + <para> +This is preferred over having passwords in plaintext in a +shared file, such as <filename>/etc/fstab</filename>. Be sure to protect any +credentials file properly. + </para> + </listitem></varlistentry> + + <varlistentry> + <term>uid=<replaceable>arg</replaceable></term> + + <listitem><para>sets the uid that will own all files on + the mounted filesystem. + It may be specified as either a username or a numeric uid. + This parameter is ignored when the target server supports + the CIFS Unix extensions.</para></listitem> + </varlistentry> + + <varlistentry> + <term>gid=<replaceable>arg</replaceable></term> + + <listitem><para>sets the gid that will own all files on +the mounted filesystem. +It may be specified as either a groupname or a numeric +gid. This parameter is ignored when the target server supports +the CIFS Unix extensions. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>port=<replaceable>arg</replaceable></term> + + <listitem><para>sets the port number on the server to attempt to contact to negotiate +CIFS support. If the CIFS server is not listening on this port or +if it is not specified, the default ports will be tried i.e. +port 445 is tried and if no response then port 139 is tried. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>file_mode=<replaceable>arg</replaceable></term> + + <listitem><para>If the server does not support the CIFS Unix extensions this + overrides the default file mode.</para></listitem> + </varlistentry> + + <varlistentry> + <term>dir_mode=<replaceable>arg</replaceable></term> + + <listitem><para>If the server does not support the CIFS Unix extensions this + overrides the default mode for directories. </para></listitem> + </varlistentry> + + <varlistentry> + <term>ip=<replaceable>arg</replaceable></term> + + <listitem><para>sets the destination host or IP address.</para></listitem> + </varlistentry> + + <varlistentry> + <term>domain=<replaceable>arg</replaceable></term> + + <listitem><para>sets the domain (workgroup) of the user </para></listitem> + </varlistentry> + + <varlistentry> + <term>guest</term> + + <listitem><para>don't prompt for a password </para></listitem> + + </varlistentry> + + <varlistentry> + <term>ro</term> + + <listitem><para>mount read-only</para></listitem> + + </varlistentry> + + <varlistentry> + <term>rw</term> + <listitem><para>mount read-write</para></listitem> + </varlistentry> + + <varlistentry> + <term>rsize</term> + <listitem><para>default network read size</para></listitem> + </varlistentry> + + <varlistentry> + <term>wsize</term> + + <listitem><para>default network write size</para></listitem> + </varlistentry> + + </variablelist> +</refsect1> + +<refsect1> + <title>ENVIRONMENT VARIABLES</title> + + <para> + The variable <emphasis>USER</emphasis> may contain the username of the +person to be used to authenticate to the server. +The variable can be used to set both username and +password by using the format username%password. + </para> + + <para> + The variable <emphasis>PASSWD</emphasis> may contain the password of the +person using the client. + </para> + + <para> + The variable <emphasis>PASSWD_FILE</emphasis> may contain the pathname +of a file to read the password from. A single line of input is +read and used as the password. + </para> + +</refsect1> + +<refsect1> + <title>NOTES</title> + + <para>This command may be used only by root, unless installed setuid, in which case the noeexec and nosuid mount flags are enabled.</para> +</refsect1> + +<refsect1> + <title>CONFIGURATION</title> + <para> +The primary mechanism for making configuration changes and for reading +debug information for the cifs vfs is via the Linux /proc filesystem. +In the directory /proc/fs/cifs are various configuration files and +pseudo files which can display debug information. For more +information see the kernel file fs/cifs/README +</para> +</refsect1> + +<refsect1> + <title>BUGS</title> + + <para>Passwords and other options containing , can not be handled. +For passwords an alternative way of passing them is in a credentials +file or in the PASSWD environment.</para> + + <para>The credentials file does not handle usernames or passwords with + leading space.</para> + + <para> +Note that the typical response to a bug report is a suggestion +to try the latest version first. So please try doing that first, +and always include which versions you use of relevant software +when reporting bugs (minimum: mount.cifs (try mount.cifs -V), kernel (see /proc/version) and +server type you are trying to contact. +</para> +</refsect1> + + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 1.0.6 of + the cifs vfs filesystem (roughly Linux kernel 2.6.6).</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para> + Documentation/filesystems/cifs.txt and fs/cifs/README in the linux kernel + source tree may contain additional options and information. +</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>Steve French</para> + + <para>The syntax and manpage were loosely based on that of smbmount. It + was converted to Docbook/XML by Jelmer Vernooij.</para> + + <para>The maintainer of the Linux cifs vfs and the userspace + tool <emphasis>mount.cifs</emphasis> is <ulink url="mailto:sfrench@samba.org">Steve French</ulink>. + The <ulink url="mailto:linux-cifs-client@lists.samba.org">Linux CIFS Mailing list</ulink> + is the preferred place to ask questions regarding these programs. + </para> + +</refsect1> + +</refentry> diff --git a/docs/manpages/net.8.xml b/docs/manpages/net.8.xml new file mode 100644 index 0000000000..21dc54d452 --- /dev/null +++ b/docs/manpages/net.8.xml @@ -0,0 +1,905 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="net.8"> + +<refmeta> + <refentrytitle>net</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>net</refname> + <refpurpose>Tool for administration of Samba and remote + CIFS servers. + </refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>net</command> + <arg choice="req"><ads|rap|rpc></arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-w workgroup</arg> + <arg choice="opt">-W myworkgroup</arg> + <arg choice="opt">-U user</arg> + <arg choice="opt">-I ip-address</arg> + <arg choice="opt">-p port</arg> + <arg choice="opt">-n myname</arg> + <arg choice="opt">-s conffile</arg> + <arg choice="opt">-S server</arg> + <arg choice="opt">-l</arg> + <arg choice="opt">-P</arg> + <arg choice="opt">-D debuglevel</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The samba net utility is meant to work just like the net utility + available for windows and DOS. The first argument should be used + to specify the protocol to use when executing a certain command. + ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3) + clients and RPC can be used for NT4 and Windows 2000. If this + argument is omitted, net will try to determine it automatically. + Not all commands are available on all protocols. + </para> + +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + &stdarg.help; + + <varlistentry> + <term>-w target-workgroup</term> + <listitem><para> + Sets target workgroup or domain. You have to specify + either this option or the IP address or the name of a server. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-W workgroup</term> + <listitem><para> + Sets client workgroup or domain + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-U user</term> + <listitem><para> + User name to use + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-I ip-address</term> + <listitem><para> + IP address of target server to use. You have to + specify either this option or a target workgroup or + a target server. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-p port</term> + <listitem><para> + Port on the target server to connect to (usually 139 or 445). + Defaults to trying 445 first, then 139. + </para></listitem> + </varlistentry> + + &stdarg.netbios.name; + &stdarg.configfile; + + <varlistentry> + <term>-S server</term> + <listitem><para> + Name of target server. You should specify either + this option or a target workgroup or a target IP address. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-l</term> + <listitem><para> + When listing data, give more information on each item. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-P</term> + <listitem><para> + Make queries to the external server using the machine account of the local server. + </para></listitem> + </varlistentry> + + &stdarg.debug; + </variablelist> +</refsect1> + +<refsect1> +<title>COMMANDS</title> + +<refsect2> +<title>CHANGESECRETPW</title> + +<para>This command allows the Samba machine account password to be set from an external application +to a machine account password that has already been stored in Active Directory. DO NOT USE this command +unless you know exactly what you are doing. The use of this command requires that the force flag (-f) +be used also. There will be NO command prompt. Whatever information is piped into stdin, either by +typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use +this without care and attention as it will overwrite a legitimate machine password without warning. +YOU HAVE BEEN WARNED. +</para> + +</refsect2> + +<refsect2> + <title>TIME</title> + + <para>The <command>NET TIME</command> command allows you to view the time on a remote server + or synchronise the time on the local server with the time on the remote server.</para> + +<refsect3> +<title>TIME</title> + +<para>Without any options, the <command>NET TIME</command> command +displays the time on the remote server. +</para> + +</refsect3> + +<refsect3> +<title>TIME SYSTEM</title> + +<para>Displays the time on the remote server in a format ready for <command>/bin/date</command></para> + +</refsect3> + +<refsect3> +<title>TIME SET</title> +<para>Tries to set the date and time of the local server to that on +the remote server using <command>/bin/date</command>. </para> + +</refsect3> + +<refsect3> +<title>TIME ZONE</title> + +<para>Displays the timezone in hours from GMT on the remote computer.</para> + +</refsect3> +</refsect2> + +<refsect2> +<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [options]</title> + +<para> +Join a domain. If the account already exists on the server, and +[TYPE] is MEMBER, the machine will attempt to join automatically. +(Assuming that the machine has been created in server manager) +Otherwise, a password will be prompted for, and a new account may +be created.</para> + +<para> +[TYPE] may be PDC, BDC or MEMBER to specify the type of server +joining the domain. +</para> +</refsect2> + +<refsect2> +<title>[RPC] OLDJOIN [options]</title> + +<para>Join a domain. Use the OLDJOIN option to join the domain +using the old style of domain joining - you need to create a trust +account in server manager first.</para> +</refsect2> + +<refsect2> +<title>[RPC|ADS] USER</title> + +<refsect3> +<title>[RPC|ADS] USER DELETE <replaceable>target</replaceable></title> + +<para>Delete specified user</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] USER LIST</title> + +<para>List all users</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] USER INFO <replaceable>target</replaceable></title> + +<para>List the domain groups of a the specified user.</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] USER ADD <replaceable>name</replaceable> [password] [-F user flags] [-C comment]</title> + +<para>Add specified user.</para> +</refsect3> +</refsect2> + +<refsect2> +<title>[RPC|ADS] GROUP</title> + +<refsect3> +<title>[RPC|ADS] GROUP [misc options] [targets]</title> +<para>List user groups.</para> +</refsect3> + +<refsect3> +<title>[RPC|ADS] GROUP DELETE <replaceable>name</replaceable> [misc. options]</title> + +<para>Delete specified group.</para> + +</refsect3> + +<refsect3> +<title>[RPC|ADS] GROUP ADD <replaceable>name</replaceable> [-C comment]</title> + +<para>Create specified group.</para> + +</refsect3> +</refsect2> + +<refsect2> +<title>[RAP|RPC] SHARE</title> + +<refsect3> +<title>[RAP|RPC] SHARE [misc. options] [targets]</title> + +<para>Enumerates all exported resources (network shares) on target server.</para> + +</refsect3> + +<refsect3> +<title>[RAP|RPC] SHARE ADD <replaceable>name=serverpath</replaceable> [-C comment] [-M maxusers] [targets]</title> + +<para>Adds a share from a server (makes the export active). Maxusers +specifies the number of users that can be connected to the +share simultaneously.</para> + +</refsect3> + +<refsect3> +<title>SHARE DELETE <replaceable>sharenam</replaceable></title> + +<para>Delete specified share.</para> +</refsect3> +</refsect2> + +<refsect2> +<title>[RPC|RAP] FILE</title> + +<refsect3> +<title>[RPC|RAP] FILE</title> + +<para>List all open files on remote server.</para> + +</refsect3> + +<refsect3> +<title>[RPC|RAP] FILE CLOSE <replaceable>fileid</replaceable></title> + +<para>Close file with specified <replaceable>fileid</replaceable> on +remote server.</para> + +</refsect3> + +<refsect3> +<title>[RPC|RAP] FILE INFO <replaceable>fileid</replaceable></title> + +<para> +Print information on specified <replaceable>fileid</replaceable>. +Currently listed are: file-id, username, locks, path, permissions. +</para> + +</refsect3> + +<refsect3> +<title>[RAP|RPC] FILE USER</title> + +¬.implemented; + +</refsect3> + +</refsect2> + +<refsect2> +<title>SESSION</title> + +<refsect3> +<title>RAP SESSION</title> + +<para>Without any other options, SESSION enumerates all active SMB/CIFS +sessions on the target server.</para> + +</refsect3> + +<refsect3> +<title>RAP SESSION DELETE|CLOSE <replaceable>CLIENT_NAME</replaceable></title> + +<para>Close the specified sessions.</para> + +</refsect3> + +<refsect3> +<title>RAP SESSION INFO <replaceable>CLIENT_NAME</replaceable></title> + +<para>Give a list with all the open files in specified session.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP SERVER <replaceable>DOMAIN</replaceable></title> + +<para>List all servers in specified domain or workgroup. Defaults +to local domain.</para> + +</refsect2> + +<refsect2> +<title>RAP DOMAIN</title> + +<para>Lists all domains and workgroups visible on the +current network.</para> + +</refsect2> + +<refsect2> +<title>RAP PRINTQ</title> + +<refsect3> +<title>RAP PRINTQ LIST <replaceable>QUEUE_NAME</replaceable></title> + +<para>Lists the specified print queue and print jobs on the server. +If the <replaceable>QUEUE_NAME</replaceable> is omitted, all +queues are listed.</para> + +</refsect3> + +<refsect3> +<title>RAP PRINTQ DELETE <replaceable>JOBID</replaceable></title> + +<para>Delete job with specified id.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP VALIDATE <replaceable>user</replaceable> [<replaceable>password</replaceable>]</title> + +<para> +Validate whether the specified user can log in to the +remote server. If the password is not specified on the commandline, it +will be prompted. +</para> + +¬.implemented; + +</refsect2> + +<refsect2> +<title>RAP GROUPMEMBER</title> + +<refsect3> +<title>RAP GROUPMEMBER LIST <replaceable>GROUP</replaceable></title> + +<para>List all members of the specified group.</para> + +</refsect3> + +<refsect3> +<title>RAP GROUPMEMBER DELETE <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title> + +<para>Delete member from group.</para> + +</refsect3> + +<refsect3> +<title>RAP GROUPMEMBER ADD <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title> + +<para>Add member to group.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP ADMIN <replaceable>command</replaceable></title> + +<para>Execute the specified <replaceable>command</replaceable> on +the remote server. Only works with OS/2 servers. +</para> + +¬.implemented; + +</refsect2> + +<refsect2> +<title>RAP SERVICE</title> + +<refsect3> +<title>RAP SERVICE START <replaceable>NAME</replaceable> [arguments...]</title> + +<para>Start the specified service on the remote server. Not implemented yet.</para> + +¬.implemented; + +</refsect3> + +<refsect3> +<title>RAP SERVICE STOP</title> + +<para>Stop the specified service on the remote server.</para> + +¬.implemented; + +</refsect3> + +</refsect2> + +<refsect2> +<title>RAP PASSWORD <replaceable>USER</replaceable> <replaceable>OLDPASS</replaceable> <replaceable>NEWPASS</replaceable></title> + +<para> +Change password of <replaceable>USER</replaceable> from <replaceable>OLDPASS</replaceable> to <replaceable>NEWPASS</replaceable>. +</para> + +</refsect2> + +<refsect2> +<title>LOOKUP</title> + +<refsect3> +<title>LOOKUP HOST <replaceable>HOSTNAME</replaceable> [<replaceable>TYPE</replaceable>]</title> + +<para> +Lookup the IP address of the given host with the specified type (netbios suffix). +The type defaults to 0x20 (workstation). +</para> + +</refsect3> + +<refsect3> +<title>LOOKUP LDAP [<replaceable>DOMAIN</replaceable></title> + +<para>Give IP address of LDAP server of specified <replaceable>DOMAIN</replaceable>. Defaults to local domain.</para> + +</refsect3> + +<refsect3> +<title>LOOKUP KDC [<replaceable>REALM</replaceable>]</title> + +<para>Give IP address of KDC for the specified <replaceable>REALM</replaceable>. +Defaults to local realm.</para> + +</refsect3> + +<refsect3> +<title>LOOKUP DC [<replaceable>DOMAIN</replaceable>]</title> + +<para>Give IP's of Domain Controllers for specified <replaceable> +DOMAIN</replaceable>. Defaults to local domain.</para> + +</refsect3> + +<refsect3> +<title>LOOKUP MASTER <replaceable>DOMAIN</replaceable></title> + +<para>Give IP of master browser for specified <replaceable>DOMAIN</replaceable> +or workgroup. Defaults to local domain.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>CACHE</title> + +<para>Samba uses a general caching interface called 'gencache'. It +can be controlled using 'NET CACHE'.</para> + +<para>All the timeout parameters support the suffixes: + +<simplelist> +<member>s - Seconds</member> +<member>m - Minutes</member> +<member>h - Hours</member> +<member>d - Days</member> +<member>w - Weeks</member> +</simplelist> + +</para> + +<refsect3> +<title>CACHE ADD <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title> + +<para>Add specified key+data to the cache with the given timeout.</para> + +</refsect3> + +<refsect3> +<title>CACHE DEL <replaceable>key</replaceable></title> + +<para>Delete key from the cache.</para> + +</refsect3> + +<refsect3> +<title>CACHE SET <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title> + +<para>Update data of existing cache entry.</para> + +</refsect3> + +<refsect3> +<title>CACHE SEARCH <replaceable>PATTERN</replaceable></title> + +<para>Search for the specified pattern in the cache data.</para> + +</refsect3> + +<refsect3> +<title>CACHE LIST</title> + +<para> +List all current items in the cache. +</para> + +</refsect3> + +<refsect3> +<title>CACHE FLUSH</title> + +<para>Remove all the current items from the cache.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>GETLOCALSID [DOMAIN]</title> + +<para>Print the SID of the specified domain, or if the parameter is +omitted, the SID of the domain the local server is in.</para> + +</refsect2> + +<refsect2> +<title>SETLOCALSID S-1-5-21-x-y-z</title> + +<para>Sets domain sid for the local server to the specified SID.</para> + +</refsect2> + +<refsect2> +<title>GROUPMAP</title> + +<para>Manage the mappings between Windows group SIDs and UNIX groups. +Parameters take the for "parameter=value". Common options include:</para> + +<itemizedlist> +<listitem><para>unixgroup - Name of the UNIX group</para></listitem> +<listitem><para>ntgroup - Name of the Windows NT group (must be + resolvable to a SID</para></listitem> +<listitem><para>rid - Unsigned 32-bit integer</para></listitem> +<listitem><para>sid - Full SID in the form of "S-1-..."</para></listitem> +<listitem><para>type - Type of the group; either 'domain', 'local', + or 'builtin'</para></listitem> +<listitem><para>comment - Freeform text description of the group</para></listitem> +</itemizedlist> + +<refsect3> +<title>GROUPMAP ADD</title> + +<para>Add a new group mapping entry</para> + +<para>net groupmap add {rid=int|sid=string} unixgroup=string [type={domain|local|builtin}] [ntgroup=string] [comment=string]</para> + +</refsect3> + +<refsect3> +<title>GROUPMAP DELETE</title> + +<para>Delete a group mapping entry</para> + +<para>net groupmap delete {ntgroup=string|sid=SID}</para> + +</refsect3> + +<refsect3> +<title>GROUPMAP MODIFY</title> + +<para>Update en existing group entry</para> + +<para>net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] [comment=string] [type={domain|local}</para> +</refsect3> + +<refsect3> +<title>GROUPMAP LIST</title> + +<para>List existing group mapping entries</para> + +<para>net groupmap list [verbose] [ntgroup=string] [sid=SID]</para> + +</refsect3> +</refsect2> + + + +<refsect2> +<title>MAXRID</title> + +<para>Prints out the highest RID currently in use on the local +server (by the active 'passdb backend'). +</para> + +</refsect2> + +<refsect2> +<title>RPC INFO</title> + +<para>Print information about the domain of the remote server, +such as domain name, domain sid and number of users and groups. +</para> + +</refsect2> + +<refsect2> +<title>[RPC|ADS] TESTJOIN</title> + +<para>Check whether participation in a domain is still valid.</para> + +</refsect2> + +<refsect2> +<title>[RPC|ADS] CHANGETRUSTPW</title> + +<para>Force change of domain trust password.</para> + +</refsect2> + +<refsect2> +<title>RPC TRUSTDOM</title> + +<refsect3> +<title>RPC TRUSTDOM ADD <replaceable>DOMAIN</replaceable></title> + +<para>Add a interdomain trust account for +<replaceable>DOMAIN</replaceable> to the remote server. +</para> + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM DEL <replaceable>DOMAIM</replaceable></title> + +<para>Remove interdomain trust account for +<replaceable>DOMAIN</replaceable> from the remote server. +</para> + +¬.implemented; + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM ESTABLISH <replaceable>DOMAIN</replaceable></title> + +<para> +Establish a trust relationship to a trusting domain. +Interdomain account must already be created on the remote PDC. +</para> + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM REVOKE <replaceable>DOMAIN</replaceable></title> +<para>Abandon relationship to trusted domain</para> + +</refsect3> + +<refsect3> +<title>RPC TRUSTDOM LIST</title> + +<para>List all current interdomain trust relationships.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>RPC ABORTSHUTDOWN</title> + +<para>Abort the shutdown of a remote server.</para> + +</refsect2> + +<refsect2> +<title>SHUTDOWN [-t timeout] [-r] [-f] [-C message]</title> + +<para>Shut down the remote server.</para> + +<variablelist> +<varlistentry> +<term>-r</term> +<listitem><para> +Reboot after shutdown. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>-f</term> +<listitem><para> +Force shutting down all applications. +</para></listitem> +</varlistentry> + +<varlistentry> +<term>-t timeout</term> +<listitem><para> +Timeout before system will be shut down. An interactive +user of the system can use this time to cancel the shutdown. +</para></listitem> +</varlistentry>'> + +<varlistentry> +<term>-C message</term> +<listitem><para>Display the specified message on the screen to +announce the shutdown.</para></listitem> +</varlistentry> +</variablelist> + +</refsect2> + +<refsect2> +<title>SAMDUMP</title> + +<para>Print out sam database of remote server. You need +to run this on either a BDC. <!-- +Is that correct? - Jelmer --></para> +</refsect2> + +<refsect2> +<title>VAMPIRE</title> + +<para>Export users, aliases and groups from remote server to +local server. Can only be run an a BDC. +</para> + +</refsect2> + +<refsect2> +<title>GETSID</title> + +<para>Fetch domain SID and store it in the local <filename>secrets.tdb</filename>. </para> + +</refsect2> + +<refsect2> +<title>ADS LEAVE</title> + +<para>Make the remote host leave the domain it is part of. </para> + +</refsect2> + +<refsect2> +<title>ADS STATUS</title> + +<para>Print out status of machine account of the local machine in ADS. +Prints out quite some debug info. Aimed at developers, regular +users should use <command>NET ADS TESTJOIN</command>.</para> + +</refsect2> + +<refsect2> +<title>ADS PRINTER</title> + +<refsect3> +<title>ADS PRINTER INFO [<replaceable>PRINTER</replaceable>] [<replaceable>SERVER</replaceable>]</title> + +<para> +Lookup info for <replaceable>PRINTER</replaceable> on <replaceable>SERVER</replaceable>. The printer name defaults to "*", the +server name defaults to the local host.</para> + +</refsect3> + +<refsect3> +<title>ADS PRINTER PUBLISH <replaceable>PRINTER</replaceable></title> + +<para>Publish specified printer using ADS.</para> + +</refsect3> + +<refsect3> +<title>ADS PRINTER REMOVE <replaceable>PRINTER</replaceable></title> + +<para>Remove specified printer from ADS directory.</para> + +</refsect3> + +</refsect2> + +<refsect2> +<title>ADS SEARCH <replaceable>EXPRESSION</replaceable> <replaceable>ATTRIBUTES...</replaceable></title> + +<para>Perform a raw LDAP search on a ADS server and dump the results. The +expression is a standard LDAP search expression, and the +attributes are a list of LDAP fields to show in the results.</para> + +<para>Example: <userinput>net ads search '(objectCategory=group)' sAMAccountName</userinput> +</para> + +</refsect2> + +<refsect2> +<title>ADS DN <replaceable>DN</replaceable> <replaceable>(attributes)</replaceable></title> + +<para> +Perform a raw LDAP search on a ADS server and dump the results. The +DN standard LDAP DN, and the attributes are a list of LDAP fields +to show in the result. +</para> + +<para>Example: <userinput>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</userinput></para> + +</refsect2> + +<refsect2> +<title>WORKGROUP</title> + +<para>Print out workgroup name for specified kerberos realm.</para> + +</refsect2> + + +<refsect2> +<title>HELP [COMMAND]</title> + +<para>Gives usage information for the specified command.</para> + +</refsect2> + +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is complete for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The net manpage was written by Jelmer Vernooij.</para> + +</refsect1> + +</refentry> diff --git a/docs/manpages/nmbd.8.xml b/docs/manpages/nmbd.8.xml new file mode 100644 index 0000000000..db65c48919 --- /dev/null +++ b/docs/manpages/nmbd.8.xml @@ -0,0 +1,293 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="nmbd.8"> + +<refmeta> + <refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>nmbd</refname> + <refpurpose>NetBIOS name server to provide NetBIOS + over IP naming services to clients</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>nmbd</command> + <arg choice="opt">-D</arg> + <arg choice="opt">-F</arg> + <arg choice="opt">-S</arg> + <arg choice="opt">-a</arg> + <arg choice="opt">-i</arg> + <arg choice="opt">-o</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-V</arg> + <arg choice="opt">-d <debug level></arg> + <arg choice="opt">-H <lmhosts file></arg> + <arg choice="opt">-l <log directory></arg> + <arg choice="opt">-p <port number></arg> + <arg choice="opt">-s <configuration file></arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + <para>This program is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>nmbd</command> is a server that understands + and can reply to NetBIOS over IP name service requests, like + those produced by SMB/CIFS clients such as Windows 95/98/ME, + Windows NT, Windows 2000, Windows XP and LanManager clients. It also + participates in the browsing protocols which make up the + Windows "Network Neighborhood" view.</para> + + <para>SMB/CIFS clients, when they start up, may wish to + locate an SMB/CIFS server. That is, they wish to know what + IP number a specified host is using.</para> + + <para>Amongst other services, <command>nmbd</command> will + listen for such requests, and if its own NetBIOS name is + specified it will respond with the IP number of the host it + is running on. Its "own NetBIOS name" is by + default the primary DNS name of the host it is running on, + but this can be overridden by the <smbconfoption><name>netbios name</name></smbconfoption> + in &smb.conf;. Thus <command>nmbd</command> will + reply to broadcast queries for its own name(s). Additional + names for <command>nmbd</command> to respond on can be set + via parameters in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> configuration file.</para> + + <para><command>nmbd</command> can also be used as a WINS + (Windows Internet Name Server) server. What this basically means + is that it will act as a WINS database server, creating a + database from name registration requests that it receives and + replying to queries from clients for these names.</para> + + <para>In addition, <command>nmbd</command> can act as a WINS + proxy, relaying broadcast queries from clients that do + not understand how to talk the WINS protocol to a WINS + server.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-D</term> + <listitem><para>If specified, this parameter causes + <command>nmbd</command> to operate as a daemon. That is, + it detaches itself and runs in the background, fielding + requests on the appropriate port. By default, <command>nmbd</command> + will operate as a daemon if launched from a command shell. + nmbd can also be operated from the <command>inetd</command> + meta-daemon, although this is not recommended. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-F</term> + <listitem><para>If specified, this parameter causes + the main <command>nmbd</command> process to not daemonize, + i.e. double-fork and disassociate with the terminal. + Child processes are still created as normal to service + each connection request, but the main process does not + exit. This operation mode is suitable for running + <command>nmbd</command> under process supervisors such + as <command>supervise</command> and <command>svscan</command> + from Daniel J. Bernstein's <command>daemontools</command> + package, or the AIX process monitor. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-S</term> + <listitem><para>If specified, this parameter causes + <command>nmbd</command> to log to standard output rather + than a file.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-i</term> + <listitem><para>If this parameter is specified it causes the + server to run "interactively", not as a daemon, even if the + server is executed on the command line of a shell. Setting this + parameter negates the implicit daemon mode when run from the + command line. <command>nmbd</command> also logs to standard + output, as if the <constant>-S</constant> parameter had been + given. </para></listitem> + </varlistentry> + + &stdarg.help; + + <varlistentry> + <term>-H <filename></term> + <listitem><para>NetBIOS lmhosts file. The lmhosts + file is a list of NetBIOS names to IP addresses that + is loaded by the nmbd server and used via the name + resolution mechanism <smbconfoption><name>name resolve order</name></smbconfoption> described in <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> to resolve any + NetBIOS name queries needed by the server. Note + that the contents of this file are <emphasis>NOT</emphasis> + used by <command>nmbd</command> to answer any name queries. + Adding a line to this file affects name NetBIOS resolution + from this host <emphasis>ONLY</emphasis>.</para> + + <para>The default path to this file is compiled into + Samba as part of the build process. Common defaults + are <filename>/usr/local/samba/lib/lmhosts</filename>, + <filename>/usr/samba/lib/lmhosts</filename> or + <filename>/etc/samba/lmhosts</filename>. See the <citerefentry><refentrytitle>lmhosts</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> man page for details on the contents of this file.</para></listitem> + </varlistentry> + + &popt.common.samba; + + <varlistentry> + <term>-p <UDP port number></term> + <listitem><para>UDP port number is a positive integer value. + This option changes the default UDP port number (normally 137) + that <command>nmbd</command> responds to name queries on. Don't + use this option unless you are an expert, in which case you + won't need help!</para></listitem> + </varlistentry> + + </variablelist> +</refsect1> + +<refsect1> + <title>FILES</title> + + <variablelist> + <varlistentry> + <term><filename>/etc/inetd.conf</filename></term> + <listitem><para>If the server is to be run by the + <command>inetd</command> meta-daemon, this file + must contain suitable startup information for the + meta-daemon. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/etc/rc</filename></term> + <listitem><para>or whatever initialization script your + system uses).</para> + + <para>If running the server as a daemon at startup, + this file will need to contain an appropriate startup + sequence for the server.</para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/etc/services</filename></term> + <listitem><para>If running the server via the + meta-daemon <command>inetd</command>, this file + must contain a mapping of service name (e.g., netbios-ssn) + to service port (e.g., 139) and protocol type (e.g., tcp). + </para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/usr/local/samba/lib/smb.conf</filename></term> + <listitem><para>This is the default location of + the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> server + configuration file. Other common places that systems + install this file are <filename>/usr/samba/lib/smb.conf</filename> + and <filename>/etc/samba/smb.conf</filename>.</para> + + <para>When run as a WINS server (see the + <smbconfoption><name>wins support</name></smbconfoption> + parameter in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> man page), + <command>nmbd</command> + will store the WINS database in the file <filename>wins.dat</filename> + in the <filename>var/locks</filename> directory configured under + wherever Samba was configured to install itself.</para> + + <para>If <command>nmbd</command> is acting as a <emphasis> + browse master</emphasis> (see the <smbconfoption><name>local master</name></smbconfoption> + parameter in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> man page, <command>nmbd</command> + will store the browsing database in the file <filename>browse.dat + </filename> in the <filename>var/locks</filename> directory + configured under wherever Samba was configured to install itself. + </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>SIGNALS</title> + + <para>To shut down an <command>nmbd</command> process it is recommended + that SIGKILL (-9) <emphasis>NOT</emphasis> be used, except as a last + resort, as this may leave the name database in an inconsistent state. + The correct way to terminate <command>nmbd</command> is to send it + a SIGTERM (-15) signal and wait for it to die on its own.</para> + + <para><command>nmbd</command> will accept SIGHUP, which will cause + it to dump out its namelists into the file <filename>namelist.debug + </filename> in the <filename>/usr/local/samba/var/locks</filename> + directory (or the <filename>var/locks</filename> directory configured + under wherever Samba was configured to install itself). This will also + cause <command>nmbd</command> to dump out its server database in + the <filename>log.nmb</filename> file.</para> + + <para>The debug log level of nmbd may be raised or lowered + using <citerefentry><refentrytitle>smbcontrol</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> (SIGUSR[1|2] signals + are no longer used since Samba 2.2). This is to allow + transient problems to be diagnosed, whilst still running + at a normally low log level.</para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para> + <citerefentry><refentrytitle>inetd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbclient</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testparm</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testprns</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, and the Internet + RFC's <filename>rfc1001.txt</filename>, <filename>rfc1002.txt</filename>. + In addition the CIFS (formerly SMB) specification is available + as a link from the Web page <ulink noescape="1" url="http://samba.org/cifs/"> + http://samba.org/cifs/</ulink>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook + XML 4.2 for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/nmblookup.1.xml b/docs/manpages/nmblookup.1.xml new file mode 100644 index 0000000000..14df0066f5 --- /dev/null +++ b/docs/manpages/nmblookup.1.xml @@ -0,0 +1,223 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="nmblookup"> + +<refmeta> + <refentrytitle>nmblookup</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>nmblookup</refname> + <refpurpose>NetBIOS over TCP/IP client used to lookup NetBIOS + names</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>nmblookup</command> + <arg choice="opt">-M</arg> + <arg choice="opt">-R</arg> + <arg choice="opt">-S</arg> + <arg choice="opt">-r</arg> + <arg choice="opt">-A</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-B <broadcast address></arg> + <arg choice="opt">-U <unicast address></arg> + <arg choice="opt">-d <debug level></arg> + <arg choice="opt">-s <smb config file></arg> + <arg choice="opt">-i <NetBIOS scope></arg> + <arg choice="opt">-T</arg> + <arg choice="opt">-f</arg> + <arg choice="req">name</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>nmblookup</command> is used to query NetBIOS names + and map them to IP addresses in a network using NetBIOS over TCP/IP + queries. The options allow the name queries to be directed at a + particular IP broadcast area or to a particular machine. All queries + are done over UDP.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-M</term> + <listitem><para>Searches for a master browser by looking + up the NetBIOS name <replaceable>name</replaceable> with a + type of <constant>0x1d</constant>. If <replaceable> + name</replaceable> is "-" then it does a lookup on the special name + <constant>__MSBROWSE__</constant>. Please note that in order to + use the name "-", you need to make sure "-" isn't parsed as an + argument, e.g. use : + <userinput>nmblookup -M -- -</userinput>.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-R</term> + <listitem><para>Set the recursion desired bit in the packet + to do a recursive lookup. This is used when sending a name + query to a machine running a WINS server and the user wishes + to query the names in the WINS server. If this bit is unset + the normal (broadcast responding) NetBIOS processing code + on a machine is used instead. See RFC1001, RFC1002 for details. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-S</term> + <listitem><para>Once the name query has returned an IP + address then do a node status query as well. A node status + query returns the NetBIOS names registered by a host. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-r</term> + <listitem><para>Try and bind to UDP port 137 to send and receive UDP + datagrams. The reason for this option is a bug in Windows 95 + where it ignores the source port of the requesting packet + and only replies to UDP port 137. Unfortunately, on most UNIX + systems root privilege is needed to bind to this port, and + in addition, if the <citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> daemon is running on this machine it also binds to this port. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-A</term> + <listitem><para>Interpret <replaceable>name</replaceable> as + an IP Address and do a node status query on this address.</para> + </listitem> + </varlistentry> + + + + &popt.common.connection; + &stdarg.help; + + <varlistentry> + <term>-B <broadcast address></term> + <listitem><para>Send the query to the given broadcast address. Without + this option the default behavior of nmblookup is to send the + query to the broadcast address of the network interfaces as + either auto-detected or defined in the <ulink + url="smb.conf.5.html#INTERFACES"><parameter>interfaces</parameter> + </ulink> parameter of the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-U <unicast address></term> + <listitem><para>Do a unicast query to the specified address or + host <replaceable>unicast address</replaceable>. This option + (along with the <parameter>-R</parameter> option) is needed to + query a WINS server.</para></listitem> + </varlistentry> + + + &popt.common.samba; + + <varlistentry> + <term>-T</term> + <listitem><para>This causes any IP addresses found in the + lookup to be looked up via a reverse DNS lookup into a + DNS name, and printed out before each</para> + + <para><emphasis>IP address .... NetBIOS name</emphasis></para> + + <para> pair that is the normal output.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-f</term> + <listitem><para> + Show which flags apply to the name that has been looked up. Possible + answers are zero or more of: Response, Authoritative, + Truncated, Recursion_Desired, Recursion_Available, Broadcast. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>name</term> + <listitem><para>This is the NetBIOS name being queried. Depending + upon the previous options this may be a NetBIOS name or IP address. + If a NetBIOS name then the different name types may be specified + by appending '#<type>' to the name. This name may also be + '*', which will return all registered names within a broadcast + area.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>EXAMPLES</title> + + <para><command>nmblookup</command> can be used to query + a WINS server (in the same way <command>nslookup</command> is + used to query DNS servers). To query a WINS server, <command>nmblookup</command> + must be called like this:</para> + + <para><command>nmblookup -U server -R 'name'</command></para> + + <para>For example, running :</para> + + <para><command>nmblookup -U samba.org -R 'IRIX#1B'</command></para> + + <para>would query the WINS server samba.org for the domain + master browser (1B name type) for the IRIX workgroup.</para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry>, and <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook + XML 4.2 for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/ntlm_auth.1.xml b/docs/manpages/ntlm_auth.1.xml new file mode 100644 index 0000000000..f4478f7d41 --- /dev/null +++ b/docs/manpages/ntlm_auth.1.xml @@ -0,0 +1,258 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="ntlm-auth.1"> + +<refmeta> + <refentrytitle>ntlm_auth</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>ntlm_auth</refname> + <refpurpose>tool to allow external access to Winbind's NTLM authentication function</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>ntlm_auth</command> + <arg choice="opt">-d debuglevel</arg> + <arg choice="opt">-l logdir</arg> + <arg choice="opt">-s <smb config file></arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>ntlm_auth</command> is a helper utility that authenticates + users using NT/LM authentication. It returns 0 if the users is authenticated + successfully and 1 if access was denied. ntlm_auth uses winbind to access + the user and authentication data for a domain. This utility + is only indended to be used by other programs (currently squid). + </para> +</refsect1> + +<refsect1> + <title>OPERATIONAL REQUIREMENTS</title> + + <para> + The <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> daemon must be operational + for many of these commands to function.</para> + + <para>Some of these commands also require access to the directory + <filename>winbindd_privileged</filename> in + <filename>$LOCKDIR</filename>. This should be done either by running + this command as root or providing group access + to the <filename>winbindd_privileged</filename> directory. For + security reasons, this directory should not be world-accessable. </para> + +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>--helper-protocol=PROTO</term> + <listitem><para> + Operate as a stdio-based helper. Valid helper protocols are: + </para> + <variablelist> + <varlistentry> + <term>squid-2.4-basic</term> + <listitem><para> + Server-side helper for use with Squid 2.4's basic (plaintext) + authentication. </para> + </listitem> + </varlistentry> + <varlistentry> + <term>squid-2.5-basic</term> + <listitem><para> + Server-side helper for use with Squid 2.5's basic (plaintext) + authentication. </para> + </listitem> + </varlistentry> + <varlistentry> + <term>squid-2.5-ntlmssp</term> + <listitem><para> + Server-side helper for use with Squid 2.5's NTLMSSP + authentication. </para> + <para>Requires access to the directory + <filename>winbindd_privileged</filename> in + <filename>$LOCKDIR</filename>. The protocol used is + described here: <ulink + url="http://devel.squid-cache.org/ntlm/squid_helper_protocol.html">http://devel.squid-cache.org/ntlm/squid_helper_protocol.html</ulink> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>ntlmssp-client-1</term> + <listitem><para> + Cleint-side helper for use with arbitary external + programs that may wish to use Samba's NTLMSSP + authentication knowlege. </para> + <para>This helper is a client, and as such may be run by any + user. The protocol used is + effectivly the reverse of the previous protocol. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>gss-spnego</term> + <listitem><para> + Server-side helper that implements GSS-SPNEGO. This + uses a protocol that is almost the same as + <command>squid-2.5-ntlmssp</command>, but has some + subtle differences that are undocumented outside the + source at this stage. + </para> + <para>Requires access to the directory + <filename>winbindd_privileged</filename> in + <filename>$LOCKDIR</filename>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>gss-spnego-client</term> + <listitem><para> + Client-side helper that implements GSS-SPNEGO. This + also uses a protocol similar to the above helpers, but + is currently undocumented. + </para> + </listitem> + </varlistentry> + </variablelist> + </listitem> + </varlistentry> + + <varlistentry> + <term>--username=USERNAME</term> + <listitem><para> + Specify username of user to authenticate + </para></listitem> + + </varlistentry> + + <varlistentry> + <term>--domain=DOMAIN</term> + <listitem><para> + Specify domain of user to authenticate + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--workstation=WORKSTATION</term> + <listitem><para> + Specify the workstation the user authenticated from + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--challenge=STRING</term> + <listitem><para>NTLM challenge (in HEXADECIMAL)</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>--lm-response=RESPONSE</term> + <listitem><para>LM Response to the challenge (in HEXADECIMAL)</para></listitem> + </varlistentry> + + <varlistentry> + <term>--nt-response=RESPONSE</term> + <listitem><para>NT or NTLMv2 Response to the challenge (in HEXADECIMAL)</para></listitem> + </varlistentry> + + <varlistentry> + <term>--password=PASSWORD</term> + <listitem><para>User's plaintext password</para><para>If + not specified on the command line, this is prompted for when + required. </para></listitem> + </varlistentry> + + <varlistentry> + <term>--request-lm-key</term> + <listitem><para>Retreive LM session key</para></listitem> + </varlistentry> + + <varlistentry> + <term>--request-nt-key</term> + <listitem><para>Request NT key</para></listitem> + </varlistentry> + + <varlistentry> + <term>--diagnostics</term> + <listitem><para>Perform Diagnostics on the authentication + chain. Uses the password from <command>--password</command> + or prompts for one.</para> + </listitem> + </varlistentry> + + &popt.common.samba; + &stdarg.help; + + </variablelist> +</refsect1> + +<refsect1> + <title>EXAMPLE SETUP</title> + + <para>To setup ntlm_auth for use by squid 2.5, with both basic and + NTLMSSP authentication, the following + should be placed in the <filename>squid.conf</filename> file. +<programlisting> +auth_param ntlm program ntlm_auth --helper-protocol=squid-2.5-ntlmssp +auth_param basic program ntlm_auth --helper-protocol=squid-2.5-basic +auth_param basic children 5 +auth_param basic realm Squid proxy-caching web server +auth_param basic credentialsttl 2 hours +</programlisting></para> + +<note><para>This example assumes that ntlm_auth has been installed into your + path, and that the group permissions on + <filename>winbindd_privileged</filename> are as described above.</para></note> + +</refsect1> + +<refsect1> + <title>TROUBLESHOOTING</title> + + <para>If you're experiencing problems with authenticating Internet Explorer running + under MS Windows 9X or Millenium Edition against ntlm_auth's NTLMSSP authentication + helper (--helper-protocol=squid-2.5-ntlmssp), then please read + <ulink url="http://support.microsoft.com/support/kb/articles/Q239/8/69.ASP"> + the Microsoft Knowledge Base article #239869 and follow instructions described there</ulink>. + </para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The ntlm_auth manpage was written by Jelmer Vernooij and + Andrew Bartlett.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/pdbedit.8.xml b/docs/manpages/pdbedit.8.xml new file mode 100644 index 0000000000..e05c729572 --- /dev/null +++ b/docs/manpages/pdbedit.8.xml @@ -0,0 +1,426 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="pdbedit.8"> + +<refmeta> + <refentrytitle>pdbedit</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>pdbedit</refname> + <refpurpose>manage the SAM database</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>pdbedit</command> + <arg choice="opt">-L</arg> + <arg choice="opt">-v</arg> + <arg choice="opt">-w</arg> + <arg choice="opt">-u username</arg> + <arg choice="opt">-f fullname</arg> + <arg choice="opt">-h homedir</arg> + <arg choice="opt">-D drive</arg> + <arg choice="opt">-S script</arg> + <arg choice="opt">-p profile</arg> + <arg choice="opt">-a</arg> + <arg choice="opt">-m</arg> + <arg choice="opt">-r</arg> + <arg choice="opt">-x</arg> + <arg choice="opt">-i passdb-backend</arg> + <arg choice="opt">-e passdb-backend</arg> + <arg choice="opt">-b passdb-backend</arg> + <arg choice="opt">-g</arg> + <arg choice="opt">-d debuglevel</arg> + <arg choice="opt">-s configfile</arg> + <arg choice="opt">-P account-policy</arg> + <arg choice="opt">-C value</arg> + <arg choice="opt">-c account-control</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The pdbedit program is used to manage the users accounts + stored in the sam database and can only be run by root.</para> + + <para>The pdbedit tool uses the passdb modular interface and is + independent from the kind of users database used (currently there + are smbpasswd, ldap, nis+ and tdb based and more can be added + without changing the tool).</para> + + <para>There are five main ways to use pdbedit: adding a user account, + removing a user account, modifing a user account, listing user + accounts, importing users accounts.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + <variablelist> + <varlistentry> + <term>-L</term> + <listitem><para>This option lists all the user accounts + present in the users database. + This option prints a list of user/uid pairs separated by + the ':' character.</para> + <para>Example: <command>pdbedit -L</command></para> + <para><screen> +sorce:500:Simo Sorce +samba:45:Test User +</screen></para> + </listitem> + </varlistentry> + + + + <varlistentry> + <term>-v</term> + <listitem><para>This option enables the verbose listing format. + It causes pdbedit to list the users in the database, printing + out the account fields in a descriptive format.</para> + + <para>Example: <command>pdbedit -L -v</command></para> + <para><screen> +--------------- +username: sorce +user ID/Group: 500/500 +user RID/GRID: 2000/2001 +Full Name: Simo Sorce +Home Directory: \\BERSERKER\sorce +HomeDir Drive: H: +Logon Script: \\BERSERKER\netlogon\sorce.bat +Profile Path: \\BERSERKER\profile +--------------- +username: samba +user ID/Group: 45/45 +user RID/GRID: 1090/1091 +Full Name: Test User +Home Directory: \\BERSERKER\samba +HomeDir Drive: +Logon Script: +Profile Path: \\BERSERKER\profile +</screen></para> + </listitem> + </varlistentry> + + + + <varlistentry> + <term>-w</term> + <listitem><para>This option sets the "smbpasswd" listing format. + It will make pdbedit list the users in the database, printing + out the account fields in a format compatible with the + <filename>smbpasswd</filename> file format. (see the + <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for details)</para> + + <para>Example: <command>pdbedit -L -w</command></para> + <screen> +sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-00000000: +samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-3BFA1E8D: +</screen> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-u username</term> + <listitem><para>This option specifies the username to be + used for the operation requested (listing, adding, removing). + It is <emphasis>required</emphasis> in add, remove and modify + operations and <emphasis>optional</emphasis> in list + operations.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-f fullname</term> + <listitem><para>This option can be used while adding or + modifing a user account. It will specify the user's full + name. </para> + + <para>Example: <command>-f "Simo Sorce"</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-h homedir</term> + <listitem><para>This option can be used while adding or + modifing a user account. It will specify the user's home + directory network path.</para> + + <para>Example: <command>-h "\\\\BERSERKER\\sorce"</command> + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-D drive</term> + <listitem><para>This option can be used while adding or + modifing a user account. It will specify the windows drive + letter to be used to map the home directory.</para> + + <para>Example: <command>-d "H:"</command> + </para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-S script</term> + <listitem><para>This option can be used while adding or + modifing a user account. It will specify the user's logon + script path.</para> + + <para>Example: <command>-s "\\\\BERSERKER\\netlogon\\sorce.bat"</command> + </para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-p profile</term> + <listitem><para>This option can be used while adding or + modifing a user account. It will specify the user's profile + directory.</para> + + <para>Example: <command>-p "\\\\BERSERKER\\netlogon"</command> + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-G SID|rid</term> + <listitem><para> + This option can be used while adding or modifying a user account. It + will specify the users' new primary group SID (Security Identifier) or + rid. </para> + + <para>Example: <command>-G S-1-5-21-2447931902-1787058256-3961074038-1201</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-U SID|rid</term> + <listitem><para> + This option can be used while adding or modifying a user account. It + will specify the users' new SID (Security Identifier) or + rid. </para> + + <para>Example: <command>-U S-1-5-21-2447931902-1787058256-3961074038-5004</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-c account-control</term> + <listitem><para>This option can be used while adding or modifying a user + account. It will specify the users' account control property. Possible flags are listed below. + </para> + + <para> + <itemizedlist> + <listitem><para>N: No password required</para></listitem> + <listitem><para>D: Account disabled</para></listitem> + <listitem><para>H: Home directory required</para></listitem> + <listitem><para>T: Temporary duplicate of other account</para></listitem> + <listitem><para>U: Regular user account</para></listitem> + <listitem><para>M: MNS logon user account</para></listitem> + <listitem><para>W: Workstation Trust Account</para></listitem> + <listitem><para>S: Server Trust Account</para></listitem> + <listitem><para>L: Automatic Locking</para></listitem> + <listitem><para>X: Password does not expire</para></listitem> + <listitem><para>I: Domain Trust Account</para></listitem> + </itemizedlist> + </para> + + <para>Example: <command>-c "[X ]"</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-a</term> + <listitem><para>This option is used to add a user into the + database. This command needs a user name specified with + the -u switch. When adding a new user, pdbedit will also + ask for the password to be used.</para> + + <para>Example: <command>pdbedit -a -u sorce</command> +<programlisting>new password: +retype new password +</programlisting> +</para> + + <note><para>pdbedit does not call the unix password syncronisation + script if <smbconfoption><name>unix password sync</name></smbconfoption> + has been set. It only updates the data in the Samba + user database. + </para> + + <para>If you wish to add a user and synchronise the password + that immediately, use <command>smbpasswd</command>'s <option>-a</option> option. + </para> + </note> + </listitem> + </varlistentry> + + <varlistentry> + <term>-r</term> + <listitem><para>This option is used to modify an existing user + in the database. This command needs a user name specified with the -u + switch. Other options can be specified to modify the properties of + the specified user. This flag is kept for backwards compatibility, but + it is no longer necessary to specify it. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-m</term> + <listitem><para>This option may only be used in conjunction + with the <parameter>-a</parameter> option. It will make + pdbedit to add a machine trust account instead of a user + account (-u username will provide the machine name).</para> + + <para>Example: <command>pdbedit -a -m -u w2k-wks</command> + </para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-x</term> + <listitem><para>This option causes pdbedit to delete an account + from the database. It needs a username specified with the + -u switch.</para> + + <para>Example: <command>pdbedit -x -u bob</command></para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-i passdb-backend</term> + <listitem><para>Use a different passdb backend to retrieve users + than the one specified in smb.conf. Can be used to import data into + your local user database.</para> + + <para>This option will ease migration from one passdb backend to + another.</para> + + <para>Example: <command>pdbedit -i smbpasswd:/etc/smbpasswd.old + </command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-e passdb-backend</term> + <listitem><para>Exports all currently available users to the + specified password database backend.</para> + + <para>This option will ease migration from one passdb backend to + another and will ease backing up.</para> + + <para>Example: <command>pdbedit -e smbpasswd:/root/samba-users.backup</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-g</term> + <listitem><para>If you specify <parameter>-g</parameter>, + then <parameter>-i in-backend -e out-backend</parameter> + applies to the group mapping instead of the user database.</para> + + <para>This option will ease migration from one passdb backend to + another and will ease backing up.</para> + + </listitem> + </varlistentry> + + <varlistentry> + <term>-b passdb-backend</term> + <listitem><para>Use a different default passdb backend. </para> + + <para>Example: <command>pdbedit -b xml:/root/pdb-backup.xml -l</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-P account-policy</term> + <listitem><para>Display an account policy</para> + <para>Valid policies are: minimum password age, reset count minutes, disconnect time, + user must logon to change password, password history, lockout duration, min password length, + maximum password age and bad lockout attempt.</para> + + <para>Example: <command>pdbedit -P "bad lockout attempt"</command></para> +<para><programlisting> +account policy value for bad lockout attempt is 0 +</programlisting></para> + + </listitem> + </varlistentry> + + + <varlistentry> + <term>-C account-policy-value</term> + <listitem><para>Sets an account policy to a specified value. + This option may only be used in conjunction + with the <parameter>-P</parameter> option. + </para> + + <para>Example: <command>pdbedit -P "bad lockout attempt" -C 3</command></para> +<para><programlisting> +account policy value for bad lockout attempt was 0 +account policy value for bad lockout attempt is now 3 +</programlisting></para> + </listitem> + </varlistentry> + + &stdarg.help; + &popt.common.samba; + + </variablelist> +</refsect1> + + +<refsect1> + <title>NOTES</title> + + <para>This command may be used only by root.</para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The pdbedit manpage was written by Simo Sorce and Jelmer Vernooij.</para> + +</refsect1> + +</refentry> diff --git a/docs/manpages/profiles.1.xml b/docs/manpages/profiles.1.xml new file mode 100644 index 0000000000..3ae823f634 --- /dev/null +++ b/docs/manpages/profiles.1.xml @@ -0,0 +1,88 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="profiles.1"> + +<refmeta> + <refentrytitle>profiles</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>profiles</refname> + <refpurpose>A utility to report and change SIDs in registry files + </refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>profiles</command> + <arg choice="opt">-v</arg> + <arg choice="opt">-c SID</arg> + <arg choice="opt">-n SID</arg> + <arg choice="req">file</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>profiles</command> is a utility that + reports and changes SIDs in windows registry files. It currently only + supports NT. + </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>file</term> + <listitem><para>Registry file to view or edit. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-v,--verbose</term> + <listitem><para>Increases verbosity of messages. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-c SID1 -n SID2</term> + <listitem><para>Change all occurences of SID1 in <filename>file</filename> by SID2. + </para></listitem> + </varlistentry> + + &stdarg.help; + + </variablelist> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The profiles man page was written by Jelmer Vernooij. </para> +</refsect1> + +</refentry> diff --git a/docs/manpages/rpcclient.1.xml b/docs/manpages/rpcclient.1.xml new file mode 100644 index 0000000000..3510458610 --- /dev/null +++ b/docs/manpages/rpcclient.1.xml @@ -0,0 +1,475 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="rpcclient.1"> + +<refmeta> + <refentrytitle>rpcclient</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>rpcclient</refname> + <refpurpose>tool for executing client side + MS-RPC functions</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>rpcclient</command> + <arg choice="opt">-A authfile</arg> + <arg choice="opt">-c <command string></arg> + <arg choice="opt">-d debuglevel</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-l logdir</arg> + <arg choice="opt">-N</arg> + <arg choice="opt">-s <smb config file></arg> + <arg choice="opt">-U username[%password]</arg> + <arg choice="opt">-W workgroup</arg> + <arg choice="opt">-N</arg> + <arg choice="opt">-I destinationIP</arg> + <arg choice="req">server</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>rpcclient</command> is a utility initially developed + to test MS-RPC functionality in Samba itself. It has undergone + several stages of development and stability. Many system administrators + have now written scripts around it to manage Windows NT clients from + their UNIX workstation. </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>server</term> + <listitem><para>NetBIOS name of Server to which to connect. + The server can be any SMB/CIFS server. The name is + resolved using the <smbconfoption><name>name resolve order</name></smbconfoption> line from <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-c|--command='command string'</term> + <listitem><para>execute semicolon separated commands (listed + below)) </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-I IP-address</term> + <listitem><para><replaceable>IP address</replaceable> is the address of the server to connect to. + It should be specified in standard "a.b.c.d" notation. </para> + + <para>Normally the client would attempt to locate a named + SMB/CIFS server by looking it up via the NetBIOS name resolution + mechanism described above in the <parameter>name resolve order</parameter> + parameter above. Using this parameter will force the client + to assume that the server is on the machine with the specified IP + address and the NetBIOS name component of the resource being + connected to will be ignored. </para> + + <para>There is no default for this parameter. If not supplied, + it will be determined automatically by the client as described + above. </para></listitem> + </varlistentry> + + &popt.common.samba; + &popt.common.credentials; + &popt.common.connection; + &stdarg.help; + </variablelist> +</refsect1> + + +<refsect1> + <title>COMMANDS</title> + + <refsect2> + <title>LSARPC</title> + + <variablelist> + <varlistentry><term>lsaquery</term><listitem><para>Query info policy</para></listitem></varlistentry> + + <varlistentry><term>lookupsids</term><listitem><para>Resolve a list + of SIDs to usernames. + </para></listitem></varlistentry> + + <varlistentry><term>lookupnames</term><listitem><para>Resolve a list + of usernames to SIDs. + </para></listitem></varlistentry> + + <varlistentry><term>enumtrusts</term><listitem><para>Enumerate trusted domains</para></listitem></varlistentry> + + <varlistentry><term>enumprivs</term><listitem><para>Enumerate privileges</para></listitem></varlistentry> + + <varlistentry><term>getdispname</term><listitem><para>Get the privilege name</para></listitem></varlistentry> + + <varlistentry><term>lsaenumsid</term><listitem><para>Enumerate the LSA SIDS</para></listitem></varlistentry> + + <varlistentry><term>lsaenumprivsaccount</term><listitem><para>Enumerate the privileges of an SID</para></listitem></varlistentry> + + <varlistentry><term>lsaenumacctrights</term><listitem><para>Enumerate the rights of an SID</para></listitem></varlistentry> + + <varlistentry><term>lsaenumacctwithright</term><listitem><para>Enumerate accounts with a right</para></listitem></varlistentry> + + <varlistentry><term>lsaaddacctrights</term><listitem><para>Add rights to an account</para></listitem></varlistentry> + + <varlistentry><term>lsaremoveacctrights</term><listitem><para>Remove rights from an account</para></listitem></varlistentry> + + <varlistentry><term>lsalookupprivvalue</term><listitem><para>Get a privilege value given its name</para></listitem></varlistentry> + + <varlistentry><term>lsaquerysecobj</term><listitem><para>Query LSA security object</para></listitem></varlistentry> + + </variablelist> + </refsect2> + + <refsect2> + <title>LSARPC-DS</title> + + <variablelist> + <varlistentry><term>dsroledominfo</term><listitem><para>Get Primary Domain Information</para></listitem></varlistentry> + </variablelist> + + <para> </para> + + <para><emphasis>DFS</emphasis></para> + <variablelist> + <varlistentry><term>dfsexist</term><listitem><para>Query DFS support</para></listitem></varlistentry> + <varlistentry><term>dfsadd</term><listitem><para>Add a DFS share</para></listitem></varlistentry> + <varlistentry><term>dfsremove</term><listitem><para>Remove a DFS share</para></listitem></varlistentry> + <varlistentry><term>dfsgetinfo</term><listitem><para>Query DFS share info</para></listitem></varlistentry> + <varlistentry><term>dfsenum</term><listitem><para>Enumerate dfs shares</para></listitem></varlistentry> + </variablelist> + + </refsect2> + + <refsect2> + <title>REG</title> + <variablelist> + <varlistentry><term>shutdown</term><listitem><para>Remote Shutdown</para></listitem></varlistentry> + <varlistentry><term>abortshutdown</term><listitem><para>Abort Shutdown</para></listitem></varlistentry> + </variablelist> + + </refsect2> + + <refsect2> + <title>SRVSVC</title> + + <variablelist> + <varlistentry><term>srvinfo</term><listitem><para>Server query info</para></listitem></varlistentry> + + <varlistentry><term>netshareenum</term><listitem><para>Enumerate shares</para></listitem></varlistentry> + + <varlistentry><term>netfileenum</term><listitem><para>Enumerate open files</para></listitem></varlistentry> + + <varlistentry><term>netremotetod</term><listitem><para>Fetch remote time of day</para></listitem></varlistentry> + + </variablelist> + + </refsect2> + + <refsect2> + <title>SAMR</title> + + <variablelist> + <varlistentry><term>queryuser</term><listitem><para>Query user info</para></listitem></varlistentry> + <varlistentry><term>querygroup</term><listitem><para>Query group info</para></listitem></varlistentry> + <varlistentry><term>queryusergroups</term><listitem><para>Query user groups</para></listitem></varlistentry> + <varlistentry><term>querygroupmem</term><listitem><para>Query group membership</para></listitem></varlistentry> + <varlistentry><term>queryaliasmem</term><listitem><para>Query alias membership</para></listitem></varlistentry> + <varlistentry><term>querydispinfo</term><listitem><para>Query display info</para></listitem></varlistentry> + <varlistentry><term>querydominfo</term><listitem><para>Query domain info</para></listitem></varlistentry> + <varlistentry><term>enumdomusers</term><listitem><para>Enumerate domain users</para></listitem></varlistentry> + <varlistentry><term>enumdomgroups</term><listitem><para>Enumerate domain groups</para></listitem></varlistentry> + <varlistentry><term>enumalsgroups</term><listitem><para>Enumerate alias groups</para></listitem></varlistentry> + <varlistentry><term>createdomuser</term><listitem><para>Create domain user</para></listitem></varlistentry> + <varlistentry><term>samlookupnames</term><listitem><para>Look up names</para></listitem></varlistentry> + <varlistentry><term>samlookuprids</term><listitem><para>Look up names</para></listitem></varlistentry> + <varlistentry><term>deletedomuser</term><listitem><para>Delete domain user</para></listitem></varlistentry> + <varlistentry><term>samquerysecobj</term><listitem><para>Query SAMR security object</para></listitem></varlistentry> + <varlistentry><term>getdompwinfo</term><listitem><para>Retrieve domain password info</para></listitem></varlistentry> + <varlistentry><term>lookupdomain</term><listitem><para>Look up domain</para></listitem></varlistentry> + </variablelist> + + </refsect2> + + <refsect2> + <title>SPOOLSS</title> + + <variablelist> + <varlistentry><term>adddriver <arch> <config> [<version>]</term> + <listitem><para> + Execute an AddPrinterDriver() RPC to install the printer driver + information on the server. Note that the driver files should + already exist in the directory returned by + <command>getdriverdir</command>. Possible values for + <parameter>arch</parameter> are the same as those for + the <command>getdriverdir</command> command. + The <parameter>config</parameter> parameter is defined as + follows: </para> + +<para><programlisting> +Long Printer Name:\ +Driver File Name:\ +Data File Name:\ +Config File Name:\ +Help File Name:\ +Language Monitor Name:\ +Default Data Type:\ +Comma Separated list of Files +</programlisting></para> + + <para>Any empty fields should be enter as the string "NULL". </para> + + <para>Samba does not need to support the concept of Print Monitors + since these only apply to local printers whose driver can make + use of a bi-directional link for communication. This field should + be "NULL". On a remote NT print server, the Print Monitor for a + driver must already be installed prior to adding the driver or + else the RPC will fail. </para> + + <para>The <parameter>version</parameter> parameter lets you + specify the printer driver version number. If omitted, the + default driver version for the specified architecture will + be used. This option can be used to upload Windows 2000 + (version 3) printer drivers.</para></listitem></varlistentry> + + <varlistentry><term>addprinter <printername> + <sharename> <drivername> <port></term> + <listitem><para> + Add a printer on the remote server. This printer + will be automatically shared. Be aware that the printer driver + must already be installed on the server (see <command>adddriver</command>) + and the <parameter>port</parameter>must be a valid port name (see + <command>enumports</command>.</para> + </listitem></varlistentry> + + + <varlistentry><term>deldriver</term><listitem><para>Delete the + specified printer driver for all architectures. This + does not delete the actual driver files from the server, + only the entry from the server's list of drivers. + </para></listitem></varlistentry> + + <varlistentry><term>enumdata</term><listitem><para>Enumerate all + printer setting data stored on the server. On Windows NT clients, + these values are stored in the registry, while Samba servers + store them in the printers TDB. This command corresponds + to the MS Platform SDK GetPrinterData() function (* This + command is currently unimplemented).</para></listitem></varlistentry> + + <varlistentry><term>enumdataex</term><listitem><para>Enumerate printer data for a key</para></listitem></varlistentry> + + <varlistentry><term>enumjobs <printer></term> + <listitem><para>List the jobs and status of a given printer. + This command corresponds to the MS Platform SDK EnumJobs() + function</para></listitem></varlistentry> + + <varlistentry><term>enumkey</term><listitem><para>Enumerate + printer keys</para></listitem></varlistentry> + + <varlistentry><term>enumports [level]</term> + <listitem><para> + Executes an EnumPorts() call using the specified + info level. Currently only info levels 1 and 2 are supported. + </para></listitem></varlistentry> + + + + <varlistentry><term>enumdrivers [level]</term> + <listitem><para> + Execute an EnumPrinterDrivers() call. This lists the various installed + printer drivers for all architectures. Refer to the MS Platform SDK + documentation for more details of the various flags and calling + options. Currently supported info levels are 1, 2, and 3.</para></listitem></varlistentry> + + + + <varlistentry><term>enumprinters [level]</term> + <listitem><para>Execute an EnumPrinters() call. This lists the various installed + and share printers. Refer to the MS Platform SDK documentation for + more details of the various flags and calling options. Currently + supported info levels are 1, 2 and 5.</para></listitem></varlistentry> + + + + + <varlistentry><term>getdata <printername> <valuename;></term> + <listitem><para>Retrieve the data for a given printer setting. See + the <command>enumdata</command> command for more information. + This command corresponds to the GetPrinterData() MS Platform + SDK function. </para></listitem></varlistentry> + + <varlistentry><term>getdataex</term><listitem><para>Get + printer driver data with + keyname</para></listitem></varlistentry> + + + <varlistentry><term>getdriver <printername></term> + <listitem><para> + Retrieve the printer driver information (such as driver file, + config file, dependent files, etc...) for + the given printer. This command corresponds to the GetPrinterDriver() + MS Platform SDK function. Currently info level 1, 2, and 3 are supported. + </para></listitem></varlistentry> + + + <varlistentry><term>getdriverdir <arch></term> + <listitem><para> + Execute a GetPrinterDriverDirectory() + RPC to retrieve the SMB share name and subdirectory for + storing printer driver files for a given architecture. Possible + values for <parameter>arch</parameter> are "Windows 4.0" + (for Windows 95/98), "Windows NT x86", "Windows NT PowerPC", "Windows + Alpha_AXP", and "Windows NT R4000". </para></listitem></varlistentry> + + + + <varlistentry><term>getprinter <printername></term> + <listitem><para>Retrieve the current printer information. This command + corresponds to the GetPrinter() MS Platform SDK function. + </para></listitem></varlistentry> + + <varlistentry><term>getprintprocdir</term><listitem><para>Get + print processor + directory</para></listitem></varlistentry> + + <varlistentry><term>openprinter <printername></term> + <listitem><para>Execute an OpenPrinterEx() and ClosePrinter() RPC + against a given printer. </para></listitem></varlistentry> + + <varlistentry><term>setdriver <printername> + <drivername></term> + <listitem><para>Execute a SetPrinter() command to update the printer driver + associated with an installed printer. The printer driver must + already be correctly installed on the print server. </para> + + <para>See also the <command>enumprinters</command> and + <command>enumdrivers</command> commands for obtaining a list of + of installed printers and drivers.</para></listitem></varlistentry> + + <varlistentry><term>addform</term><listitem><para>Add form</para></listitem></varlistentry> + <varlistentry><term>setform</term><listitem><para>Set form</para></listitem></varlistentry> + <varlistentry><term>getform</term><listitem><para>Get form</para></listitem></varlistentry> + <varlistentry><term>deleteform</term><listitem><para>Delete form</para></listitem></varlistentry> + <varlistentry><term>enumforms</term><listitem><para>Enumerate form</para></listitem></varlistentry> + <varlistentry><term>setprinter</term><listitem><para>Set printer comment</para></listitem></varlistentry> + <varlistentry><term>setprinterdata</term><listitem><para>Set REG_SZ printer data</para></listitem></varlistentry> + <varlistentry><term>rffpcnex</term><listitem><para>Rffpcnex test</para></listitem></varlistentry> + + + </variablelist> + + </refsect2> + + <refsect2> + <title>NETLOGON</title> + + <variablelist> + + <varlistentry><term>logonctrl2</term> + <listitem><para>Logon Control 2</para></listitem> + </varlistentry> + + <varlistentry><term>logonctrl</term> + <listitem><para>Logon Control</para></listitem> + </varlistentry> + + <varlistentry><term>samsync</term> + <listitem><para>Sam Synchronisation</para></listitem> + </varlistentry> + + <varlistentry><term>samdeltas</term> + <listitem><para>Query Sam Deltas</para></listitem> + </varlistentry> + + <varlistentry><term>samlogon</term> + <listitem><para>Sam Logon</para></listitem> + </varlistentry> + + </variablelist> + </refsect2> + + <refsect2> + <title>GENERAL COMMANDS</title> + + <variablelist> + <varlistentry><term>debuglevel</term><listitem><para>Set the current + debug level used to log information.</para></listitem></varlistentry> + + <varlistentry><term>help (?)</term><listitem><para>Print a listing of all + known commands or extended help on a particular command. + </para></listitem></varlistentry> + + <varlistentry><term>quit (exit)</term><listitem><para>Exit <command>rpcclient + </command>.</para></listitem></varlistentry> + </variablelist> + </refsect2> + +</refsect1> + +<refsect1> + <title>BUGS</title> + + <para><command>rpcclient</command> is designed as a developer testing tool + and may not be robust in certain areas (such as command line parsing). + It has been known to generate a core dump upon failures when invalid + parameters where passed to the interpreter. </para> + + <para>From Luke Leighton's original rpcclient man page:</para> + + <para><emphasis>WARNING!</emphasis> The MSRPC over SMB code has + been developed from examining Network traces. No documentation is + available from the original creators (Microsoft) on how MSRPC over + SMB works, or how the individual MSRPC services work. Microsoft's + implementation of these services has been demonstrated (and reported) + to be... a bit flaky in places. </para> + + <para>The development of Samba's implementation is also a bit rough, + and as more of the services are understood, it can even result in + versions of <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>rpcclient</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> that are incompatible for some commands or services. Additionally, + the developers are sending reports to Microsoft, and problems found + or reported to Microsoft are fixed in Service Packs, which may + result in incompatibilities.</para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original rpcclient man page was written by Matthew + Geddes, Luke Kenneth Casson Leighton, and rewritten by Gerald Carter. + The conversion to DocBook for Samba 2.2 was done by Gerald + Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was + done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/samba.7.xml b/docs/manpages/samba.7.xml new file mode 100644 index 0000000000..7f31ab3bc5 --- /dev/null +++ b/docs/manpages/samba.7.xml @@ -0,0 +1,370 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="samba.7"> + +<refmeta> + <refentrytitle>samba</refentrytitle> + <manvolnum>7</manvolnum> +</refmeta> + + +<refnamediv> + <refname>samba</refname> + <refpurpose>A Windows SMB/CIFS fileserver for UNIX</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis><command>Samba</command></cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>The Samba software suite is a collection of programs + that implements the Server Message Block (commonly abbreviated + as SMB) protocol for UNIX systems. This protocol is sometimes + also referred to as the Common Internet File System (CIFS). For a + more thorough description, see <ulink url="http://www.ubiqx.org/cifs/"> + http://www.ubiqx.org/cifs/</ulink>. Samba also implements the NetBIOS + protocol in nmbd.</para> + + <variablelist> + <varlistentry> + <term><citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para>The <command>smbd</command> daemon provides the file and print services to + SMB clients, such as Windows 95/98, Windows NT, Windows + for Workgroups or LanManager. The configuration file + for this daemon is described in <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para>The <command>nmbd</command> + daemon provides NetBIOS nameservice and browsing + support. The configuration file for this daemon + is described in <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry></para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbclient</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>smbclient</command> + program implements a simple ftp-like client. This + is useful for accessing SMB shares on other compatible + servers (such as Windows NT), and can also be used + to allow a UNIX box to print to a printer attached to + any SMB server (such as a PC running Windows NT).</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>testparm</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>testparm</command> + utility is a simple syntax checker for Samba's <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> configuration file.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>testprns</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>testprns</command> + utility supports testing printer names defined + in your <filename>printcap</filename> file used + by Samba.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbstatus</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>smbstatus</command> + tool provides access to information about the + current connections to <command>smbd</command>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>nmblookup</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>nmblookup</command> + tools allows NetBIOS name queries to be made + from a UNIX host.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para>The <command>smbpasswd</command> + command is a tool for changing LanMan and Windows NT + password hashes on Samba and Windows NT servers.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbcacls</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>smbcacls</command> command is + a tool to set ACL's on remote CIFS servers. </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbsh</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>smbsh</command> command is + a program that allows you to run a unix shell with + with an overloaded VFS.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbtree</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>smbtree</command> command + is a text-based network neighborhood tool.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbtar</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>smbtar</command> can make + backups of data on CIFS/SMB servers.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbspool</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para><command>smbspool</command> is a + helper utility for printing on printers connected + to CIFS servers. </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbcontrol</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>smbcontrol</command> is a utility + that can change the behaviour of running samba daemons. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>rpcclient</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>rpcclient</command> is a utility + that can be used to execute RPC commands on remote + CIFS servers.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>pdbedit</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para>The <command>pdbedit</command> command + can be used to maintain the local user database on + a samba server.</para></listitem></varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>findsmb</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para>The <command>findsmb</command> command + can be used to find SMB servers on the local network. + </para></listitem></varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>net</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para>The <command>net</command> command + is supposed to work similar to the DOS/Windows + NET.EXE command.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>swat</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para><command>swat</command> is a web-based + interface to configuring <filename>smb.conf</filename>. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></term> + <listitem><para><command>winbindd</command> is a daemon + that is used for integrating authentication and + the user database into unix.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>wbinfo</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>wbinfo</command> is a utility + that retrieves and stores information related to winbind. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>editreg</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>editreg</command> is a command-line + utility that can edit windows registry files. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>profiles</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>profiles</command> is a command-line + utility that can be used to replace all occurences of + a certain SID with another SID. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>log2pcap</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>log2pcap</command> is a utility + for generating pcap trace files from Samba log + files.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>vfstest</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>vfstest</command> is a utility + that can be used to test vfs modules.</para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>ntlm_auth</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>ntlm_auth</command> is a helper-utility + for external programs wanting to do NTLM-authentication. + </para></listitem></varlistentry> + + <varlistentry> + <term> +<citerefentry><refentrytitle>smbmount</refentrytitle><manvolnum>8</manvolnum></citerefentry>, +<citerefentry><refentrytitle>smbumount</refentrytitle><manvolnum>8</manvolnum></citerefentry>, +<citerefentry><refentrytitle>smbmnt</refentrytitle><manvolnum>8</manvolnum></citerefentry></term> + <listitem><para><command>smbmount</command>,<command>smbumount</command> and <command>smbmnt</command> are commands that can be used to + mount CIFS/SMB shares on Linux. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><citerefentry><refentrytitle>smbcquotas</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></term> + <listitem><para><command>smbcquotas</command> is a tool that + can set remote QUOTA's on server with NTFS 5. </para> + </listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>COMPONENTS</title> + + <para>The Samba suite is made up of several components. Each + component is described in a separate manual page. It is strongly + recommended that you read the documentation that comes with Samba + and the manual pages of those components that you use. If the + manual pages and documents aren't clear enough then please visit + <ulink url="http://devel.samba.org/">http://devel.samba.org</ulink> + for information on how to file a bug report or submit a patch.</para> + + <para>If you require help, visit the Samba webpage at + <ulink url="http://samba.org/">http://www.samba.org/</ulink> and + explore the many option available to you. + </para> +</refsect1> + +<refsect1> + <title>AVAILABILITY</title> + + <para>The Samba software suite is licensed under the + GNU Public License(GPL). A copy of that license should + have come with the package in the file COPYING. You are + encouraged to distribute copies of the Samba suite, but + please obey the terms of this license.</para> + + <para>The latest version of the Samba suite can be + obtained via anonymous ftp from samba.org in the + directory pub/samba/. It is also available on several + mirror sites worldwide.</para> + + <para>You may also find useful information about Samba + on the newsgroup <ulink url="news:comp.protocols.smb"> + comp.protocol.smb</ulink> and the Samba mailing + list. Details on how to join the mailing list are given in + the README file that comes with Samba.</para> + + <para>If you have access to a WWW viewer (such as Mozilla + or Konqueror) then you will also find lots of useful information, + including back issues of the Samba mailing list, at + <ulink url="http://lists.samba.org/">http://lists.samba.org</ulink>.</para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the + Samba suite. </para> +</refsect1> + +<refsect1> + <title>CONTRIBUTIONS</title> + + <para>If you wish to contribute to the Samba project, + then I suggest you join the Samba mailing list at + <ulink url="http://lists.samba.org/">http://lists.samba.org</ulink>. + </para> + + <para>If you have patches to submit, visit + <ulink url="http://devel.samba.org/">http://devel.samba.org/</ulink> + for information on how to do it properly. We prefer patches + in <command>diff -u</command> format.</para> +</refsect1> + +<refsect1> + <title>CONTRIBUTORS</title> + + <para>Contributors to the project are now too numerous + to mention here but all deserve the thanks of all Samba + users. To see a full list, look at the + <filename>change-log</filename> in the source package + for the pre-CVS changes and at <ulink + url="http://cvs.samba.org/"> + http://cvs.samba.org/</ulink> + for the contributors to Samba post-CVS. CVS is the Open Source + source code control system used by the Samba Team to develop + Samba. The project would have been unmanageable without it.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML + 4.2 for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbcacls.1.xml b/docs/manpages/smbcacls.1.xml new file mode 100644 index 0000000000..78980a6aec --- /dev/null +++ b/docs/manpages/smbcacls.1.xml @@ -0,0 +1,263 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbcacls.1"> + +<refmeta> + <refentrytitle>smbcacls</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbcacls</refname> + <refpurpose>Set or get ACLs on an NT file or directory names</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbcacls</command> + <arg choice="req">//server/share</arg> + <arg choice="req">filename</arg> + <arg choice="opt">-D acls</arg> + <arg choice="opt">-M acls</arg> + <arg choice="opt">-a acls</arg> + <arg choice="opt">-S acls</arg> + <arg choice="opt">-C name</arg> + <arg choice="opt">-G name</arg> + <arg choice="opt">-n</arg> + <arg choice="opt">-t</arg> + <arg choice="opt">-U username</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-d</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The <command>smbcacls</command> program manipulates NT Access Control + Lists (ACLs) on SMB file shares. </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <para>The following options are available to the <command>smbcacls</command> program. + The format of ACLs is described in the section ACL FORMAT </para> + + + <variablelist> + <varlistentry> + <term>-a acls</term> + <listitem><para>Add the ACLs specified to the ACL list. Existing + access control entries are unchanged. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-M acls</term> + <listitem><para>Modify the mask value (permissions) for the ACLs + specified on the command line. An error will be printed for each + ACL specified that was not already present in the ACL list + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-D acls</term> + <listitem><para>Delete any ACLs specified on the command line. + An error will be printed for each ACL specified that was not + already present in the ACL list. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-S acls</term> + <listitem><para>This command sets the ACLs on the file with + only the ones specified on the command line. All other ACLs are + erased. Note that the ACL specified must contain at least a revision, + type, owner and group for the call to succeed. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-U username</term> + <listitem><para>Specifies a username used to connect to the + specified service. The username may be of the form "username" in + which case the user is prompted to enter in a password and the + workgroup specified in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file is + used, or "username%password" or "DOMAIN\username%password" and the + password and workgroup names are used as provided. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-C name</term> + <listitem><para>The owner of a file or directory can be changed + to the name given using the <parameter>-C</parameter> option. + The name can be a sid in the form S-1-x-y-z or a name resolved + against the server specified in the first argument. </para> + + <para>This command is a shortcut for -M OWNER:name. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-G name</term> + <listitem><para>The group owner of a file or directory can + be changed to the name given using the <parameter>-G</parameter> + option. The name can be a sid in the form S-1-x-y-z or a name + resolved against the server specified n the first argument. + </para> + + <para>This command is a shortcut for -M GROUP:name.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-n</term> + <listitem><para>This option displays all ACL information in numeric + format. The default is to convert SIDs to names and ACE types + and masks to a readable string format. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-t</term> + <listitem><para> + Don't actually do anything, only validate the correctness of + the arguments. + </para></listitem> + </varlistentry> + + &stdarg.help; + &popt.common.samba; + </variablelist> +</refsect1> + + +<refsect1> + <title>ACL FORMAT</title> + + <para>The format of an ACL is one or more ACL entries separated by + either commas or newlines. An ACL entry is one of the following: </para> + +<para><programlisting> +REVISION:<revision number> +OWNER:<sid or name> +GROUP:<sid or name> +ACL:<sid or name>:<type>/<flags>/<mask> +</programlisting></para> + + + <para>The revision of the ACL specifies the internal Windows + NT ACL revision for the security descriptor. + If not specified it defaults to 1. Using values other than 1 may + cause strange behaviour. </para> + + <para>The owner and group specify the owner and group sids for the + object. If a SID in the format CWS-1-x-y-z is specified this is used, + otherwise the name specified is resolved using the server on which + the file or directory resides. </para> + + <para>ACLs specify permissions granted to the SID. This SID again + can be specified in CWS-1-x-y-z format or as a name in which case + it is resolved against the server on which the file or directory + resides. The type, flags and mask values determine the type of + access granted to the SID. </para> + + <para>The type can be either 0 or 1 corresponding to ALLOWED or + DENIED access to the SID. The flags values are generally + zero for file ACLs and either 9 or 2 for directory ACLs. Some + common flags are: </para> + + <itemizedlist> + <listitem><para><constant>#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1</constant></para></listitem> + <listitem><para><constant>#define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2</constant></para></listitem> + <listitem><para><constant>#define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4</constant></para></listitem> + <listitem><para><constant>#define SEC_ACE_FLAG_INHERIT_ONLY 0x8</constant></para></listitem> + </itemizedlist> + + <para>At present flags can only be specified as decimal or + hexadecimal values.</para> + + <para>The mask is a value which expresses the access right + granted to the SID. It can be given as a decimal or hexadecimal value, + or by using one of the following text strings which map to the NT + file permissions of the same name. </para> + + <itemizedlist> + <listitem><para><emphasis>R</emphasis> - Allow read access </para></listitem> + <listitem><para><emphasis>W</emphasis> - Allow write access</para></listitem> + <listitem><para><emphasis>X</emphasis> - Execute permission on the object</para></listitem> + <listitem><para><emphasis>D</emphasis> - Delete the object</para></listitem> + <listitem><para><emphasis>P</emphasis> - Change permissions</para></listitem> + <listitem><para><emphasis>O</emphasis> - Take ownership</para></listitem> + </itemizedlist> + + + <para>The following combined permissions can be specified:</para> + + + <itemizedlist> + <listitem><para><emphasis>READ</emphasis> - Equivalent to 'RX' + permissions</para></listitem> + <listitem><para><emphasis>CHANGE</emphasis> - Equivalent to 'RXWD' permissions + </para></listitem> + <listitem><para><emphasis>FULL</emphasis> - Equivalent to 'RWXDPO' + permissions</para></listitem> + </itemizedlist> + </refsect1> + +<refsect1> + <title>EXIT STATUS</title> + + <para>The <command>smbcacls</command> program sets the exit status + depending on the success or otherwise of the operations performed. + The exit status may be one of the following values. </para> + + <para>If the operation succeeded, smbcacls returns and exit + status of 0. If <command>smbcacls</command> couldn't connect to the specified server, + or there was an error getting or setting the ACLs, an exit status + of 1 is returned. If there was an error parsing any command line + arguments, an exit status of 2 is returned. </para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para><command>smbcacls</command> was written by Andrew Tridgell + and Tim Potter.</para> + + <para>The conversion to DocBook for Samba 2.2 was done + by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was done + by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbclient.1.xml b/docs/manpages/smbclient.1.xml new file mode 100644 index 0000000000..78cc642e76 --- /dev/null +++ b/docs/manpages/smbclient.1.xml @@ -0,0 +1,940 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbclient.1"> + +<refmeta> + <refentrytitle>smbclient</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbclient</refname> + <refpurpose>ftp-like client to access SMB/CIFS resources + on servers</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbclient</command> + <arg choice="req">servicename</arg> + <arg choice="opt">password</arg> + <arg choice="opt">-b <buffer size></arg> + <arg choice="opt">-d debuglevel</arg> + <arg choice="opt">-D Directory</arg> + <arg choice="opt">-U username</arg> + <arg choice="opt">-W workgroup</arg> + <arg choice="opt">-M <netbios name></arg> + <arg choice="opt">-m maxprotocol</arg> + <arg choice="opt">-A authfile</arg> + <arg choice="opt">-N</arg> + <arg choice="opt">-l logdir</arg> + <arg choice="opt">-L <netbios name></arg> + <arg choice="opt">-I destinationIP</arg> + <arg choice="opt">-E</arg> + <arg choice="opt">-c <command string></arg> + <arg choice="opt">-i scope</arg> + <arg choice="opt">-O <socket options></arg> + <arg choice="opt">-p port</arg> + <arg choice="opt">-R <name resolve order></arg> + <arg choice="opt">-s <smb config file></arg> + <arg choice="opt">-T<c|x>IXFqgbNan</arg> + <arg choice="opt">-k</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbclient</command> is a client that can + 'talk' to an SMB/CIFS server. It offers an interface + similar to that of the ftp program (see <citerefentry><refentrytitle>ftp</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>). + Operations include things like getting files from the server + to the local machine, putting files from the local machine to + the server, retrieving directory information from the server + and so on. </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>servicename</term> + <listitem><para>servicename is the name of the service + you want to use on the server. A service name takes the form + <filename>//server/service</filename> where <parameter>server + </parameter> is the NetBIOS name of the SMB/CIFS server + offering the desired service and <parameter>service</parameter> + is the name of the service offered. Thus to connect to + the service "printer" on the SMB/CIFS server "smbserver", + you would use the servicename <filename>//smbserver/printer + </filename></para> + + <para>Note that the server name required is NOT necessarily + the IP (DNS) host name of the server ! The name required is + a NetBIOS server name, which may or may not be the + same as the IP hostname of the machine running the server. + </para> + + <para>The server name is looked up according to either + the <parameter>-R</parameter> parameter to <command>smbclient</command> or + using the name resolve order parameter in + the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file, + allowing an administrator to change the order and methods + by which server names are looked up. </para></listitem> + </varlistentry> + + <varlistentry> + <term>password</term> + <listitem><para>The password required to access the specified + service on the specified server. If this parameter is + supplied, the <parameter>-N</parameter> option (suppress + password prompt) is assumed. </para> + + <para>There is no default password. If no password is supplied + on the command line (either by using this parameter or adding + a password to the <parameter>-U</parameter> option (see + below)) and the <parameter>-N</parameter> option is not + specified, the client will prompt for a password, even if + the desired service does not require one. (If no password is + required, simply press ENTER to provide a null password.) + </para> + + <para>Note: Some servers (including OS/2 and Windows for + Workgroups) insist on an uppercase password. Lowercase + or mixed case passwords may be rejected by these servers. + </para> + + <para>Be cautious about including passwords in scripts. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-R <name resolve order></term> + <listitem><para>This option is used by the programs in the Samba + suite to determine what naming services and in what order to resolve + host names to IP addresses. The option takes a space-separated + string of different name resolution options.</para> + + <para>The options are :"lmhosts", "host", "wins" and "bcast". They + cause names to be resolved as follows:</para> + + <itemizedlist> + <listitem><para><constant>lmhosts</constant>: Lookup an IP + address in the Samba lmhosts file. If the line in lmhosts has + no name type attached to the NetBIOS name (see + the <citerefentry><refentrytitle>lmhosts</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for details) then + any name type matches for lookup.</para> + </listitem> + + <listitem><para><constant>host</constant>: Do a standard host + name to IP address resolution, using the system <filename>/etc/hosts + </filename>, NIS, or DNS lookups. This method of name resolution + is operating system dependent, for instance on IRIX or Solaris this + may be controlled by the <filename>/etc/nsswitch.conf</filename> + file). Note that this method is only used if the NetBIOS name + type being queried is the 0x20 (server) name type, otherwise + it is ignored.</para> + </listitem> + + <listitem><para><constant>wins</constant>: Query a name with + the IP address listed in the <parameter>wins server</parameter> + parameter. If no WINS server has + been specified this method will be ignored.</para> + </listitem> + + <listitem><para><constant>bcast</constant>: Do a broadcast on + each of the known local interfaces listed in the + <parameter>interfaces</parameter> + parameter. This is the least reliable of the name resolution + methods as it depends on the target host being on a locally + connected subnet.</para> + </listitem> + </itemizedlist> + + <para>If this parameter is not set then the name resolve order + defined in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file parameter + (name resolve order) will be used. </para> + + <para>The default order is lmhosts, host, wins, bcast and without + this parameter or any entry in the <parameter>name resolve order + </parameter> parameter of the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file the name resolution + methods will be attempted in this order. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-M NetBIOS name</term> + <listitem><para>This options allows you to send messages, using + the "WinPopup" protocol, to another computer. Once a connection is + established you then type your message, pressing ^D (control-D) to + end. </para> + + <para>If the receiving computer is running WinPopup the user will + receive the message and probably a beep. If they are not running + WinPopup the message will be lost, and no error message will + occur. </para> + + <para>The message is also automatically truncated if the message + is over 1600 bytes, as this is the limit of the protocol. + </para> + + <para>One useful trick is to cat the message through + <command>smbclient</command>. For example: <command> + cat mymessage.txt | smbclient -M FRED </command> will + send the message in the file <filename>mymessage.txt</filename> + to the machine FRED. </para> + + <para>You may also find the <parameter>-U</parameter> and + <parameter>-I</parameter> options useful, as they allow you to + control the FROM and TO parts of the message. </para> + + <para>See the <parameter>message command</parameter> parameter in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for a description of how to handle incoming + WinPopup messages in Samba. </para> + + <para><emphasis>Note</emphasis>: Copy WinPopup into the startup group + on your WfWg PCs if you want them to always be able to receive + messages. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-p port</term> + <listitem><para>This number is the TCP port number that will be used + when making connections to the server. The standard (well-known) + TCP port number for an SMB/CIFS server is 139, which is the + default. </para></listitem> + </varlistentry> + + + &stdarg.help; + + <varlistentry> + <term>-I IP-address</term> + <listitem><para><replaceable>IP address</replaceable> is the address of the server to connect to. + It should be specified in standard "a.b.c.d" notation. </para> + + <para>Normally the client would attempt to locate a named + SMB/CIFS server by looking it up via the NetBIOS name resolution + mechanism described above in the <parameter>name resolve order</parameter> + parameter above. Using this parameter will force the client + to assume that the server is on the machine with the specified IP + address and the NetBIOS name component of the resource being + connected to will be ignored. </para> + + <para>There is no default for this parameter. If not supplied, + it will be determined automatically by the client as described + above. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-E</term> + <listitem><para>This parameter causes the client to write messages + to the standard error stream (stderr) rather than to the standard + output stream. </para> + + <para>By default, the client writes messages to standard output + - typically the user's tty. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-L</term> + <listitem><para>This option allows you to look at what services + are available on a server. You use it as <command>smbclient -L + host</command> and a list should appear. The <parameter>-I + </parameter> option may be useful if your NetBIOS names don't + match your TCP/IP DNS host names or if you are trying to reach a + host on another network. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-t terminal code</term> + <listitem><para>This option tells <command>smbclient</command> how to interpret + filenames coming from the remote server. Usually Asian language + multibyte UNIX implementations use different character sets than + SMB/CIFS servers (<emphasis>EUC</emphasis> instead of <emphasis> + SJIS</emphasis> for example). Setting this parameter will let + <command>smbclient</command> convert between the UNIX filenames and + the SMB filenames correctly. This option has not been seriously tested + and may have some problems. </para> + + <para>The terminal codes include CWsjis, CWeuc, CWjis7, CWjis8, + CWjunet, CWhex, CWcap. This is not a complete list, check the Samba + source code for the complete list. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-b buffersize</term> + <listitem><para>This option changes the transmit/send buffer + size when getting or putting a file from/to the server. The default + is 65520 bytes. Setting this value smaller (to 1200 bytes) has been + observed to speed up file transfers to and from a Win9x server. + </para></listitem> + </varlistentry> + + &popt.common.samba; + &popt.common.credentials; + &popt.common.connection; + + <varlistentry> + <term>-T tar options</term> + <listitem><para>smbclient may be used to create <command>tar(1) + </command> compatible backups of all the files on an SMB/CIFS + share. The secondary tar flags that can be given to this option + are : </para> + + <itemizedlist> + <listitem><para><parameter>c</parameter> - Create a tar file on UNIX. + Must be followed by the name of a tar file, tape device + or "-" for standard output. If using standard output you must + turn the log level to its lowest value -d0 to avoid corrupting + your tar file. This flag is mutually exclusive with the + <parameter>x</parameter> flag. </para></listitem> + + <listitem><para><parameter>x</parameter> - Extract (restore) a local + tar file back to a share. Unless the -D option is given, the tar + files will be restored from the top level of the share. Must be + followed by the name of the tar file, device or "-" for standard + input. Mutually exclusive with the <parameter>c</parameter> flag. + Restored files have their creation times (mtime) set to the + date saved in the tar file. Directories currently do not get + their creation dates restored properly. </para></listitem> + + <listitem><para><parameter>I</parameter> - Include files and directories. + Is the default behavior when filenames are specified above. Causes + tar files to be included in an extract or create (and therefore + everything else to be excluded). See example below. Filename globbing + works in one of two ways. See r below. </para></listitem> + + <listitem><para><parameter>X</parameter> - Exclude files and directories. + Causes tar files to be excluded from an extract or create. See + example below. Filename globbing works in one of two ways now. + See <parameter>r</parameter> below. </para></listitem> + + <listitem><para><parameter>b</parameter> - Blocksize. Must be followed + by a valid (greater than zero) blocksize. Causes tar file to be + written out in blocksize*TBLOCK (usually 512 byte) blocks. + </para></listitem> + + <listitem><para><parameter>g</parameter> - Incremental. Only back up + files that have the archive bit set. Useful only with the + <parameter>c</parameter> flag. </para></listitem> + + <listitem><para><parameter>q</parameter> - Quiet. Keeps tar from printing + diagnostics as it works. This is the same as tarmode quiet. + </para></listitem> + + <listitem><para><parameter>r</parameter> - Regular expression include + or exclude. Uses regular expression matching for + excluding or excluding files if compiled with HAVE_REGEX_H. + However this mode can be very slow. If not compiled with + HAVE_REGEX_H, does a limited wildcard match on '*' and '?'. + </para></listitem> + + <listitem><para><parameter>N</parameter> - Newer than. Must be followed + by the name of a file whose date is compared against files found + on the share during a create. Only files newer than the file + specified are backed up to the tar file. Useful only with the + <parameter>c</parameter> flag. </para></listitem> + + <listitem><para><parameter>a</parameter> - Set archive bit. Causes the + archive bit to be reset when a file is backed up. Useful with the + <parameter>g</parameter> and <parameter>c</parameter> flags. + </para></listitem> + </itemizedlist> + + <para><emphasis>Tar Long File Names</emphasis></para> + + <para><command>smbclient</command>'s tar option now supports long + file names both on backup and restore. However, the full path + name of the file must be less than 1024 bytes. Also, when + a tar archive is created, <command>smbclient</command>'s tar option places all + files in the archive with relative names, not absolute names. + </para> + + <para><emphasis>Tar Filenames</emphasis></para> + + <para>All file names can be given as DOS path names (with '\\' + as the component separator) or as UNIX path names (with '/' as + the component separator). </para> + + <para><emphasis>Examples</emphasis></para> + + <para>Restore from tar file <filename>backup.tar</filename> into myshare on mypc + (no password on share). </para> + + <para><command>smbclient //mypc/yshare "" -N -Tx backup.tar + </command></para> + + <para>Restore everything except <filename>users/docs</filename> + </para> + + <para><command>smbclient //mypc/myshare "" -N -TXx backup.tar + users/docs</command></para> + + <para>Create a tar file of the files beneath <filename> + users/docs</filename>. </para> + + <para><command>smbclient //mypc/myshare "" -N -Tc + backup.tar users/docs </command></para> + + <para>Create the same tar file as above, but now use + a DOS path name. </para> + + <para><command>smbclient //mypc/myshare "" -N -tc backup.tar + users\edocs </command></para> + + <para>Create a tar file of all the files and directories in + the share. </para> + + <para><command>smbclient //mypc/myshare "" -N -Tc backup.tar * + </command></para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-D initial directory</term> + <listitem><para>Change to initial directory before starting. Probably + only of any use with the tar -T option. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-c command string</term> + <listitem><para>command string is a semicolon-separated list of + commands to be executed instead of prompting from stdin. <parameter> + -N</parameter> is implied by <parameter>-c</parameter>.</para> + + <para>This is particularly useful in scripts and for printing stdin + to the server, e.g. <command>-c 'print -'</command>. </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>OPERATIONS</title> + + <para>Once the client is running, the user is presented with + a prompt : </para> + + <para><prompt>smb:\> </prompt></para> + + <para>The backslash ("\\") indicates the current working directory + on the server, and will change if the current working directory + is changed. </para> + + <para>The prompt indicates that the client is ready and waiting to + carry out a user command. Each command is a single word, optionally + followed by parameters specific to that command. Command and parameters + are space-delimited unless these notes specifically + state otherwise. All commands are case-insensitive. Parameters to + commands may or may not be case sensitive, depending on the command. + </para> + + <para>You can specify file names which have spaces in them by quoting + the name with double quotes, for example "a long file name". </para> + + <para>Parameters shown in square brackets (e.g., "[parameter]") are + optional. If not given, the command will use suitable defaults. Parameters + shown in angle brackets (e.g., "<parameter>") are required. + </para> + + + <para>Note that all commands operating on the server are actually + performed by issuing a request to the server. Thus the behavior may + vary from server to server, depending on how the server was implemented. + </para> + + <para>The commands available are given here in alphabetical order. </para> + + <variablelist> + <varlistentry> + <term>? [command]</term> + <listitem><para>If <replaceable>command</replaceable> is specified, the ? command will display + a brief informative message about the specified command. If no + command is specified, a list of available commands will + be displayed. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>! [shell command]</term> + <listitem><para>If <replaceable>shell command</replaceable> is specified, the ! + command will execute a shell locally and run the specified shell + command. If no command is specified, a local shell will be run. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>altname file</term> + <listitem><para>The client will request that the server return + the "alternate" name (the 8.3 name) for a file or directory. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>cancel jobid0 [jobid1] ... [jobidN]</term> + <listitem><para>The client will request that the server cancel + the printjobs identified by the given numeric print job ids. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>chmod file mode in octal</term> + <listitem><para>This command depends on the server supporting the CIFS + UNIX extensions and will fail if the server does not. The client requests that the server + change the UNIX permissions to the given octal mode, in standard UNIX format. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>chown file uid gid</term> + <listitem><para>This command depends on the server supporting the CIFS + UNIX extensions and will fail if the server does not. The client requests that the server + change the UNIX user and group ownership to the given decimal values. Note there is + currently no way to remotely look up the UNIX uid and gid values for a given name. + This may be addressed in future versions of the CIFS UNIX extensions. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>cd [directory name]</term> + <listitem><para>If "directory name" is specified, the current + working directory on the server will be changed to the directory + specified. This operation will fail if for any reason the specified + directory is inaccessible. </para> + + <para>If no directory name is specified, the current working + directory on the server will be reported. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>del <mask></term> + <listitem><para>The client will request that the server attempt + to delete all files matching <replaceable>mask</replaceable> from the current working + directory on the server. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>dir <mask></term> + <listitem><para>A list of the files matching <replaceable>mask</replaceable> in the current + working directory on the server will be retrieved from the server + and displayed. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>exit</term> + <listitem><para>Terminate the connection with the server and exit + from the program. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>get <remote file name> [local file name]</term> + <listitem><para>Copy the file called <filename>remote file name</filename> from + the server to the machine running the client. If specified, name + the local copy <filename>local file name</filename>. Note that all transfers in + <command>smbclient</command> are binary. See also the + lowercase command. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>help [command]</term> + <listitem><para>See the ? command above. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>lcd [directory name]</term> + <listitem><para>If <replaceable>directory name</replaceable> is specified, the current + working directory on the local machine will be changed to + the directory specified. This operation will fail if for any + reason the specified directory is inaccessible. </para> + + <para>If no directory name is specified, the name of the + current working directory on the local machine will be reported. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>link source destination</term> + <listitem><para>This command depends on the server supporting the CIFS + UNIX extensions and will fail if the server does not. The client requests that the server + create a hard link between the source and destination files. The source file + must not exist. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>lowercase</term> + <listitem><para>Toggle lowercasing of filenames for the get and + mget commands. </para> + + <para>When lowercasing is toggled ON, local filenames are converted + to lowercase when using the get and mget commands. This is + often useful when copying (say) MSDOS files from a server, because + lowercase filenames are the norm on UNIX systems. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>ls <mask></term> + <listitem><para>See the dir command above. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>mask <mask></term> + <listitem><para>This command allows the user to set up a mask + which will be used during recursive operation of the mget and + mput commands. </para> + + <para>The masks specified to the mget and mput commands act as + filters for directories rather than files when recursion is + toggled ON. </para> + + <para>The mask specified with the mask command is necessary + to filter files within those directories. For example, if the + mask specified in an mget command is "source*" and the mask + specified with the mask command is "*.c" and recursion is + toggled ON, the mget command will retrieve all files matching + "*.c" in all directories below and including all directories + matching "source*" in the current working directory. </para> + + <para>Note that the value for mask defaults to blank (equivalent + to "*") and remains so until the mask command is used to change it. + It retains the most recently specified value indefinitely. To + avoid unexpected results it would be wise to change the value of + mask back to "*" after using the mget or mput commands. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>md <directory name></term> + <listitem><para>See the mkdir command. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>mget <mask></term> + <listitem><para>Copy all files matching <replaceable>mask</replaceable> from the server to + the machine running the client. </para> + + <para>Note that <replaceable>mask</replaceable> is interpreted differently during recursive + operation and non-recursive operation - refer to the recurse and + mask commands for more information. Note that all transfers in + <command>smbclient</command> are binary. See also the lowercase command. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>mkdir <directory name></term> + <listitem><para>Create a new directory on the server (user access + privileges permitting) with the specified name. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>mput <mask></term> + <listitem><para>Copy all files matching <replaceable>mask</replaceable> in the current working + directory on the local machine to the current working directory on + the server. </para> + + <para>Note that <replaceable>mask</replaceable> is interpreted differently during recursive + operation and non-recursive operation - refer to the recurse and mask + commands for more information. Note that all transfers in <command>smbclient</command> + are binary. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>print <file name></term> + <listitem><para>Print the specified file from the local machine + through a printable service on the server. </para> + + <para>See also the printmode command.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>printmode <graphics or text></term> + <listitem><para>Set the print mode to suit either binary data + (such as graphical information) or text. Subsequent print + commands will use the currently set print mode. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>prompt</term> + <listitem><para>Toggle prompting for filenames during operation + of the mget and mput commands. </para> + + <para>When toggled ON, the user will be prompted to confirm + the transfer of each file during these commands. When toggled + OFF, all specified files will be transferred without prompting. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>put <local file name> [remote file name]</term> + <listitem><para>Copy the file called <filename>local file name</filename> from the + machine running the client to the server. If specified, + name the remote copy <filename>remote file name</filename>. Note that all transfers + in <command>smbclient</command> are binary. See also the lowercase command. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>queue</term> + <listitem><para>Displays the print queue, showing the job id, + name, size and current status. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>quit</term> + <listitem><para>See the exit command. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>rd <directory name></term> + <listitem><para>See the rmdir command. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>recurse</term> + <listitem><para>Toggle directory recursion for the commands mget + and mput. </para> + + <para>When toggled ON, these commands will process all directories + in the source directory (i.e., the directory they are copying + from ) and will recurse into any that match the mask specified + to the command. Only files that match the mask specified using + the mask command will be retrieved. See also the mask command. + </para> + + <para>When recursion is toggled OFF, only files from the current + working directory on the source machine that match the mask specified + to the mget or mput commands will be copied, and any mask specified + using the mask command will be ignored. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>rm <mask></term> + <listitem><para>Remove all files matching <replaceable>mask</replaceable> from the current + working directory on the server. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>rmdir <directory name></term> + <listitem><para>Remove the specified directory (user access + privileges permitting) from the server. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>setmode <filename> <perm=[+|\-]rsha></term> + <listitem><para>A version of the DOS attrib command to set + file permissions. For example: </para> + + <para><command>setmode myfile +r </command></para> + + <para>would make myfile read only. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>symlink source destination</term> + <listitem><para>This command depends on the server supporting the CIFS + UNIX extensions and will fail if the server does not. The client requests that the server + create a symbolic hard link between the source and destination files. The source file + must not exist. Note that the server will not create a link to any path that lies + outside the currently connected share. This is enforced by the Samba server. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>tar <c|x>[IXbgNa]</term> + <listitem><para>Performs a tar operation - see the <parameter>-T + </parameter> command line option above. Behavior may be affected + by the tarmode command (see below). Using g (incremental) and N + (newer) will affect tarmode settings. Note that using the "-" option + with tar x may not work - use the command line option instead. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>blocksize <blocksize></term> + <listitem><para>Blocksize. Must be followed by a valid (greater + than zero) blocksize. Causes tar file to be written out in + <replaceable>blocksize</replaceable>*TBLOCK (usually 512 byte) blocks. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>tarmode <full|inc|reset|noreset></term> + <listitem><para>Changes tar's behavior with regard to archive + bits. In full mode, tar will back up everything regardless of the + archive bit setting (this is the default mode). In incremental mode, + tar will only back up files with the archive bit set. In reset mode, + tar will reset the archive bit on all files it backs up (implies + read/write share). </para></listitem> + </varlistentry> + + + </variablelist> +</refsect1> + +<refsect1> + <title>NOTES</title> + + <para>Some servers are fussy about the case of supplied usernames, + passwords, share names (AKA service names) and machine names. + If you fail to connect try giving all parameters in uppercase. + </para> + + <para>It is often necessary to use the -n option when connecting + to some types of servers. For example OS/2 LanManager insists + on a valid NetBIOS name being used, so you need to supply a valid + name that would be known to the server.</para> + + <para>smbclient supports long file names where the server + supports the LANMAN2 protocol or above. </para> +</refsect1> + +<refsect1> + <title>ENVIRONMENT VARIABLES</title> + + <para>The variable <envar>USER</envar> may contain the + username of the person using the client. This information is + used only if the protocol level is high enough to support + session-level passwords.</para> + + + <para>The variable <envar>PASSWD</envar> may contain + the password of the person using the client. This information is + used only if the protocol level is high enough to support + session-level passwords. </para> + + <para>The variable <envar>LIBSMB_PROG</envar> may contain + the path, executed with system(), which the client should connect + to instead of connecting to a server. This functionality is primarily + intended as a development aid, and works best when using a LMHOSTS + file</para> +</refsect1> + + +<refsect1> + <title>INSTALLATION</title> + + <para>The location of the client program is a matter for + individual system administrators. The following are thus + suggestions only. </para> + + <para>It is recommended that the smbclient software be installed + in the <filename>/usr/local/samba/bin/</filename> or <filename> + /usr/samba/bin/</filename> directory, this directory readable + by all, writeable only by root. The client program itself should + be executable by all. The client should <emphasis>NOT</emphasis> be + setuid or setgid! </para> + + <para>The client log files should be put in a directory readable + and writeable only by the user. </para> + + <para>To test the client, you will need to know the name of a + running SMB/CIFS server. It is possible to run <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> as an ordinary user - running that server as a daemon + on a user-accessible port (typically any port number over 1024) + would provide a suitable test server. </para> +</refsect1> + + +<refsect1> + <title>DIAGNOSTICS</title> + + <para>Most diagnostics issued by the client are logged in a + specified log file. The log file name is specified at compile time, + but may be overridden on the command line. </para> + + <para>The number and nature of diagnostics available depends + on the debug level used by the client. If you have problems, + set the debug level to 3 and peruse the log files. </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 2.2 of the Samba suite.</para> +</refsect1> + + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 + was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbcontrol.1.xml b/docs/manpages/smbcontrol.1.xml new file mode 100644 index 0000000000..af6054de58 --- /dev/null +++ b/docs/manpages/smbcontrol.1.xml @@ -0,0 +1,297 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbcontrol.1"> + +<refmeta> + <refentrytitle>smbcontrol</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbcontrol</refname> + <refpurpose>send messages to smbd, nmbd or winbindd processes</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbcontrol</command> + <arg>-i</arg> + <arg>-s</arg> + </cmdsynopsis> + + <cmdsynopsis> + <command>smbcontrol</command> + <arg>destination</arg> + <arg>message-type</arg> + <arg>parameter</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbcontrol</command> is a very small program, which + sends messages to a <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, a <citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, or a <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> daemon running on the system.</para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + &stdarg.help; + &stdarg.configfile; + <varlistentry> + <term>-i</term> + <listitem><para>Run interactively. Individual commands + of the form destination message-type parameters can be entered + on STDIN. An empty command line or a "q" will quit the + program.</para></listitem> + </varlistentry> + + <varlistentry> + <term>destination</term> + <listitem><para>One of <parameter>nmbd</parameter>, <parameter>smbd</parameter> or a process ID.</para> + + <para>The <parameter>smbd</parameter> destination causes the + message to "broadcast" to all smbd daemons.</para> + + <para>The <parameter>nmbd</parameter> destination causes the + message to be sent to the nmbd daemon specified in the + <filename>nmbd.pid</filename> file.</para> + + <para>If a single process ID is given, the message is sent + to only that process.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>message-type</term> + <listitem><para>Type of message to send. See + the section <constant>MESSAGE-TYPES</constant> for details. + </para></listitem></varlistentry> + + + + <varlistentry> + <term>parameters</term> + <listitem><para>any parameters required for the message-type</para> + </listitem> + </varlistentry> + </variablelist> + +</refsect1> + +<refsect1> + <title>MESSAGE-TYPES</title> + + <para>Available message types are:</para> + + <variablelist> + <varlistentry><term>close-share</term> + <listitem><para>Order smbd to close the client + connections to the named share. Note that this doesn't affect client + connections to any other shares. This message-type takes an argument of the + share name for which client connections will be closed, or the + "*" character which will close all currently open shares. + This may be useful if you made changes to the access controls on the share. + This message can only be sent to <constant>smbd</constant>.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>debug</term> + <listitem><para>Set debug level to the value specified by the + parameter. This can be sent to any of the destinations.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>force-election</term> + <listitem><para>This message causes the <command>nmbd</command> daemon to + force a new browse master election. </para> + </listitem></varlistentry> + + <varlistentry> + <term>ping</term> + <listitem><para> + Send specified number of "ping" messages and + wait for the same number of reply "pong" messages. This can be sent to + any of the destinations.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>profile</term> + <listitem><para>Change profile settings of a daemon, based on the + parameter. The parameter can be "on" to turn on profile stats + collection, "off" to turn off profile stats collection, "count" + to enable only collection of count stats (time stats are + disabled), and "flush" to zero the current profile stats. This can + be sent to any smbd or nmbd destinations.</para> + </listitem></varlistentry> + + <varlistentry> + <term>debuglevel</term> + <listitem><para> + Request debuglevel of a certain daemon and write it to stdout. This + can be sent to any of the destinations.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>profilelevel</term> + <listitem><para> + Request profilelevel of a certain daemon and write it to stdout. + This can be sent to any smbd or nmbd destinations.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>printnotify</term> + <listitem><para> + Order smbd to send a printer notify message to any Windows NT clients + connected to a printer. This message-type takes the following arguments: + </para> + + <variablelist> + + <varlistentry> + <term>queuepause printername</term> + <listitem><para>Send a queue pause change notify + message to the printer specified.</para></listitem> + </varlistentry> + + <varlistentry> + <term>queueresume printername</term> + <listitem><para>Send a queue resume change notify + message for the printer specified.</para></listitem> + </varlistentry> + + <varlistentry> + <term>jobpause printername unixjobid</term> + <listitem><para>Send a job pause change notify + message for the printer and unix jobid + specified.</para></listitem> + </varlistentry> + + <varlistentry> + <term>jobresume printername unixjobid</term> + <listitem><para>Send a job resume change notify + message for the printer and unix jobid + specified.</para></listitem> + </varlistentry> + + <varlistentry> + <term>jobdelete printername unixjobid</term> + <listitem><para>Send a job delete change notify + message for the printer and unix jobid + specified.</para></listitem> + </varlistentry> + </variablelist> + + <para> + Note that this message only sends notification that an + event has occured. It doesn't actually cause the + event to happen. + </para> + + <para>This message can only be sent to <constant>smbd</constant>. </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>samsync</term> + <listitem><para>Order smbd to synchronise sam database from PDC (being BDC). Can only be sent to <constant>smbd</constant>. </para> + <note><para>Not working at the moment</para></note> + </listitem> + </varlistentry> + + <varlistentry> + <term>samrepl</term> + <listitem><para>Send sam replication message, with specified serial. Can only be sent to <constant>smbd</constant>. Should not be used manually.</para></listitem> + </varlistentry> + + <varlistentry> + <term>dmalloc-mark</term> + <listitem><para>Set a mark for dmalloc. Can be sent to both smbd and nmbd. Only available if samba is built with dmalloc support. </para></listitem> + </varlistentry> + + <varlistentry> + <term>dmalloc-log-changed</term> + <listitem><para> + Dump the pointers that have changed since the mark set by dmalloc-mark. + Can be sent to both smbd and nmbd. Only available if samba is built with dmalloc support. </para></listitem> + </varlistentry> + + <varlistentry> + <term>shutdown</term> + <listitem><para>Shut down specified daemon. Can be sent to both smbd and nmbd.</para></listitem> + </varlistentry> + + <varlistentry> + <term>pool-usage</term> + <listitem><para>Print a human-readable description of all + talloc(pool) memory usage by the specified daemon/process. Available + for both smbd and nmbd.</para></listitem> + </varlistentry> + + <varlistentry> + <term>drvupgrade</term> + <listitem><para>Force clients of printers using specified driver + to update their local version of the driver. Can only be + sent to smbd.</para></listitem> + </varlistentry> + + <varlistentry> + <term>reload-config</term> + <listitem><para>Force daemon to reload smb.conf configuration file. Can be sent + to <constant>smbd</constant>, <constant>nmbd</constant>, or <constant>winbindd</constant>. + </para></listitem> + </varlistentry> + +</variablelist> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for + Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbcquotas.1.xml b/docs/manpages/smbcquotas.1.xml new file mode 100644 index 0000000000..280d1b6364 --- /dev/null +++ b/docs/manpages/smbcquotas.1.xml @@ -0,0 +1,181 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbcquotas.1"> + +<refmeta> + <refentrytitle>smbcquotas</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbcquotas</refname> + <refpurpose>Set or get QUOTAs of NTFS 5 shares</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbcquotas</command> + <arg choice="req">//server/share</arg> + <arg choice="opt">-u user</arg> + <arg choice="opt">-L</arg> + <arg choice="opt">-F</arg> + <arg choice="opt">-S QUOTA_SET_COMMAND</arg> + <arg choice="opt">-n</arg> + <arg choice="opt">-t</arg> + <arg choice="opt">-v</arg> + + <arg choice="opt">-d debuglevel</arg> + <arg choice="opt">-s configfile</arg> + <arg choice="opt">-l logdir</arg> + <arg choice="opt">-V</arg> + + <arg choice="opt">-U username</arg> + <arg choice="opt">-N</arg> + <arg choice="opt">-k</arg> + <arg choice="opt">-A</arg> + + + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The <command>smbcquotas</command> program manipulates NT Quotas on SMB file shares. </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <para>The following options are available to the <command>smbcquotas</command> program. </para> + + + <variablelist> + <varlistentry> + <term>-u user</term> + <listitem><para> Specifies the user of whom the quotas are get or set. + By default the current user's username will be used.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-L</term> + <listitem><para>Lists all quota records of the share.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-F</term> + <listitem><para>Show the share quota status and default limits.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-S QUOTA_SET_COMMAND</term> + <listitem><para>This command sets/modifies quotas for a user or on the share, + depending on the QUOTA_SET_COMMAND parameter which is described later.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-n</term> + <listitem><para>This option displays all QUOTA information in numeric + format. The default is to convert SIDs to names and QUOTA limits + to a readable string format.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-t</term> + <listitem><para> + Don't actually do anything, only validate the correctness of the arguments. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-v</term> + <listitem><para> + Be verbose. + </para></listitem> + </varlistentry> + + &stdarg.help; + &popt.common.samba; + &popt.common.credentials; + </variablelist> +</refsect1> + + +<refsect1> + <title>QUOTA_SET_COMAND</title> + + <para>The format of an ACL is one or more ACL entries separated by + either commas or newlines. An ACL entry is one of the following: </para> + + <para> + for setting user quotas for the user specified by -u or the current username: + </para> + + <para><userinput> + UQLIM:<username>:<softlimit>/<hardlimit> + </userinput></para> + + <para> + for setting the default quotas for a share: + </para> + + <para><userinput> + FSQLIM:<softlimit>/<hardlimit> + </userinput></para> + + <para> + for changing the share quota settings: + </para> + + <para><userinput> + FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT + </userinput></para> +</refsect1> + +<refsect1> + <title>EXIT STATUS</title> + + <para>The <command>smbcquotas</command> program sets the exit status + depending on the success or otherwise of the operations performed. + The exit status may be one of the following values. </para> + + <para>If the operation succeeded, smbcquotas returns an exit + status of 0. If <command>smbcquotas</command> couldn't connect to the specified server, + or when there was an error getting or setting the quota(s), an exit status + of 1 is returned. If there was an error parsing any command line + arguments, an exit status of 2 is returned. </para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para><command>smbcquotas</command> was written by Stefan Metzmacher.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbd.8.xml b/docs/manpages/smbd.8.xml new file mode 100644 index 0000000000..4a3d3fdc0c --- /dev/null +++ b/docs/manpages/smbd.8.xml @@ -0,0 +1,351 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbd.8"> + +<refmeta> + <refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbd</refname> + <refpurpose>server to provide SMB/CIFS services to clients</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbd</command> + <arg choice="opt">-D</arg> + <arg choice="opt">-F</arg> + <arg choice="opt">-S</arg> + <arg choice="opt">-i</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-V</arg> + <arg choice="opt">-b</arg> + <arg choice="opt">-d <debug level></arg> + <arg choice="opt">-l <log directory></arg> + <arg choice="opt">-p <port number></arg> + <arg choice="opt">-O <socket option></arg> + <arg choice="opt">-s <configuration file></arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + <para>This program is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbd</command> is the server daemon that + provides filesharing and printing services to Windows clients. + The server provides filespace and printer services to + clients using the SMB (or CIFS) protocol. This is compatible + with the LanManager protocol, and can service LanManager + clients. These include MSCLIENT 3.0 for DOS, Windows for + Workgroups, Windows 95/98/ME, Windows NT, Windows 2000, + OS/2, DAVE for Macintosh, and smbfs for Linux.</para> + + <para>An extensive description of the services that the + server can provide is given in the man page for the + configuration file controlling the attributes of those + services (see <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>. This man page will not describe the + services, but will concentrate on the administrative aspects + of running the server.</para> + + <para>Please note that there are significant security + implications to running this server, and the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> manual page should be regarded as mandatory reading before + proceeding with installation.</para> + + <para>A session is created whenever a client requests one. + Each client gets a copy of the server for each session. This + copy then services all connections made by the client during + that session. When all connections from its client are closed, + the copy of the server for that client terminates.</para> + + <para>The configuration file, and any files that it includes, + are automatically reloaded every minute, if they change. You + can force a reload by sending a SIGHUP to the server. Reloading + the configuration file will not affect connections to any service + that is already established. Either the user will have to + disconnect from the service, or <command>smbd</command> killed and restarted.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-D</term> + <listitem><para>If specified, this parameter causes + the server to operate as a daemon. That is, it detaches + itself and runs in the background, fielding requests + on the appropriate port. Operating the server as a + daemon is the recommended way of running <command>smbd</command> for + servers that provide more than casual use file and + print services. This switch is assumed if <command>smbd + </command> is executed on the command line of a shell. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-F</term> + <listitem><para>If specified, this parameter causes + the main <command>smbd</command> process to not daemonize, + i.e. double-fork and disassociate with the terminal. + Child processes are still created as normal to service + each connection request, but the main process does not + exit. This operation mode is suitable for running + <command>smbd</command> under process supervisors such + as <command>supervise</command> and <command>svscan</command> + from Daniel J. Bernstein's <command>daemontools</command> + package, or the AIX process monitor. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-S</term> + <listitem><para>If specified, this parameter causes + <command>smbd</command> to log to standard output rather + than a file.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-i</term> + <listitem><para>If this parameter is specified it causes the + server to run "interactively", not as a daemon, even if the + server is executed on the command line of a shell. Setting this + parameter negates the implicit deamon mode when run from the + command line. <command>smbd</command> also logs to standard + output, as if the <command>-S</command> parameter had been + given. + </para></listitem> + </varlistentry> + + &popt.common.samba; + &stdarg.help; + + <varlistentry> + <term>-b</term> + <listitem><para>Prints information about how + Samba was built.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-p <port number></term> + <listitem><para><replaceable>port number</replaceable> is a positive integer + value. The default value if this parameter is not + specified is 139.</para> + + <para>This number is the port number that will be + used when making connections to the server from client + software. The standard (well-known) port number for the + SMB over TCP is 139, hence the default. If you wish to + run the server as an ordinary user rather than + as root, most systems will require you to use a port + number greater than 1024 - ask your system administrator + for help if you are in this situation.</para> + + <para>In order for the server to be useful by most + clients, should you configure it on a port other + than 139, you will require port redirection services + on port 139, details of which are outlined in rfc1002.txt + section 4.3.5.</para> + + <para>This parameter is not normally specified except + in the above situation.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>FILES</title> + + <variablelist> + <varlistentry> + <term><filename>/etc/inetd.conf</filename></term> + <listitem><para>If the server is to be run by the + <command>inetd</command> meta-daemon, this file + must contain suitable startup information for the + meta-daemon. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/etc/rc</filename></term> + <listitem><para>or whatever initialization script your + system uses).</para> + + <para>If running the server as a daemon at startup, + this file will need to contain an appropriate startup + sequence for the server. </para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/etc/services</filename></term> + <listitem><para>If running the server via the + meta-daemon <command>inetd</command>, this file + must contain a mapping of service name (e.g., netbios-ssn) + to service port (e.g., 139) and protocol type (e.g., tcp). + </para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/usr/local/samba/lib/smb.conf</filename></term> + <listitem><para>This is the default location of the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> server configuration file. Other common places that systems + install this file are <filename>/usr/samba/lib/smb.conf</filename> + and <filename>/etc/samba/smb.conf</filename>.</para> + + <para>This file describes all the services the server + is to make available to clients. See <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for more information.</para> + </listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>LIMITATIONS</title> + <para>On some systems <command>smbd</command> cannot change uid back + to root after a setuid() call. Such systems are called + trapdoor uid systems. If you have such a system, + you will be unable to connect from a client (such as a PC) as + two different users at once. Attempts to connect the + second user will result in access denied or + similar.</para> +</refsect1> + +<refsect1> + <title>ENVIRONMENT VARIABLES</title> + + <variablelist> + <varlistentry> + <term><envar>PRINTER</envar></term> + <listitem><para>If no printer name is specified to + printable services, most systems will use the value of + this variable (or <constant>lp</constant> if this variable is + not defined) as the name of the printer to use. This + is not specific to the server, however.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>PAM INTERACTION</title> + <para>Samba uses PAM for authentication (when presented with a plaintext + password), for account checking (is this account disabled?) and for + session management. The degree too which samba supports PAM is restricted + by the limitations of the SMB protocol and the <smbconfoption><name>obey pam restrictions</name></smbconfoption> <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> paramater. When this is set, the following restrictions apply: + </para> + + <itemizedlist> + <listitem><para><emphasis>Account Validation</emphasis>: All accesses to a + samba server are checked + against PAM to see if the account is vaild, not disabled and is permitted to + login at this time. This also applies to encrypted logins. + </para></listitem> + + <listitem><para><emphasis>Session Management</emphasis>: When not using share + level secuirty, users must pass PAM's session checks before access + is granted. Note however, that this is bypassed in share level secuirty. + Note also that some older pam configuration files may need a line + added for session support. + </para></listitem> + </itemizedlist> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>DIAGNOSTICS</title> + + <para>Most diagnostics issued by the server are logged + in a specified log file. The log file name is specified + at compile time, but may be overridden on the command line.</para> + + <para>The number and nature of diagnostics available depends + on the debug level used by the server. If you have problems, set + the debug level to 3 and peruse the log files.</para> + + <para>Most messages are reasonably self-explanatory. Unfortunately, + at the time this man page was created, there are too many diagnostics + available in the source code to warrant describing each and every + diagnostic. At this stage your best bet is still to grep the + source code and inspect the conditions that gave rise to the + diagnostics you are seeing.</para> +</refsect1> + +<refsect1> + <title>SIGNALS</title> + + <para>Sending the <command>smbd</command> a SIGHUP will cause it to + reload its <filename>smb.conf</filename> configuration + file within a short period of time.</para> + + <para>To shut down a user's <command>smbd</command> process it is recommended + that <command>SIGKILL (-9)</command> <emphasis>NOT</emphasis> + be used, except as a last resort, as this may leave the shared + memory area in an inconsistent state. The safe way to terminate + an <command>smbd</command> is to send it a SIGTERM (-15) signal and wait for + it to die on its own.</para> + + <para>The debug log level of <command>smbd</command> may be raised + or lowered using <citerefentry><refentrytitle>smbcontrol</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> program (SIGUSR[1|2] signals are no longer + used since Samba 2.2). This is to allow transient problems to be diagnosed, + whilst still running at a normally low log level.</para> + + <para>Note that as the signal handlers send a debug write, + they are not re-entrant in <command>smbd</command>. This you should wait until + <command>smbd</command> is in a state of waiting for an incoming SMB before + issuing them. It is possible to make the signal handlers safe + by un-blocking the signals before the select call and re-blocking + them after, however this would affect performance.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>hosts_access</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>inetd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbclient</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testparm</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testprns</refentrytitle> + <manvolnum>1</manvolnum></citerefentry>, and the + Internet RFC's <filename>rfc1001.txt</filename>, <filename>rfc1002.txt</filename>. + In addition the CIFS (formerly SMB) specification is available + as a link from the Web page <ulink noescape="1" url="http://samba.org/cifs/"> + http://samba.org/cifs/</ulink>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for + Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbget.1.xml b/docs/manpages/smbget.1.xml new file mode 100644 index 0000000000..96b8cf10c8 --- /dev/null +++ b/docs/manpages/smbget.1.xml @@ -0,0 +1,211 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbget.1"> + +<refmeta> + <refentrytitle>smbget</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbget</refname> + <refpurpose>wget-like utility for download files over SMB</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbget</command> + <arg choice="opt">-a, --guest</arg> + <arg choice="opt">-r, --resume</arg> + <arg choice="opt">-R, --recursive</arg> + <arg choice="opt">-u, --username=STRING</arg> + <arg choice="opt">-p, --password=STRING</arg> + <arg choice="opt">-w, --workgroup=STRING</arg> + <arg choice="opt">-n, --nonprompt</arg> + <arg choice="opt">-d, --debuglevel=INT</arg> + <arg choice="opt">-D, --dots</arg> + <arg choice="opt">-P, --keep-permissions</arg> + <arg choice="opt">-o, --outputfile</arg> + <arg choice="opt">-f, --rcfile</arg> + <arg choice="opt">-q, --quiet</arg> + <arg choice="opt">-v, --verbose</arg> + <arg choice="opt">-b, --blocksize</arg> + <arg choice="opt">-?, --help</arg> + <arg choice="opt">--usage</arg> + <arg choice="req">smb://host/share/path/to/file</arg> + <arg choice="opt">smb://url2/</arg> + <arg choice="opt">...</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>smbget is a simple utility with wget-like semantics, that can download files from SMB servers. You can specify the files you would like to download on the command-line. + </para> + + <para> + The files should be in the smb-URL standard, e.g. use smb://host/share/file + for the UNC path <emphasis>\\\\HOST\\SHARE\\file</emphasis>. + </para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <varlistentry> + <term>-a, --guest</term> + <listitem><para>Work as user guest</para></listitem> + </varlistentry> + + <varlistentry> + <term>-r, --resume</term> + <listitem><para>Automatically resume aborted files</para></listitem> + </varlistentry> + + <varlistentry> + <term>-R, --recursive</term> + <listitem><para>Recursively download files</para></listitem> + </varlistentry> + + <varlistentry> + <term>-u, --username=STRING</term> + <listitem><para>Username to use</para></listitem> + </varlistentry> + + <varlistentry> + <term>-p, --password=STRING</term> + <listitem><para>Password to use</para></listitem> + </varlistentry> + + <varlistentry> + <term>-w, --workgroup=STRING</term> + <listitem><para>Workgroup to use (optional)</para></listitem> + </varlistentry> + + <varlistentry> + <term>-n, --nonprompt</term> + <listitem><para>Don't ask anything (non-interactive)</para></listitem> + </varlistentry> + + <varlistentry> + <term>-d, --debuglevel=INT</term> + <listitem><para>Debuglevel to use</para></listitem> + </varlistentry> + + <varlistentry> + <term>-D, --dots</term> + <listitem><para>Show dots as progress indication</para></listitem> + </varlistentry> + + <varlistentry> + <term>-P, --keep-permissions</term> + <listitem><para>Set same permissions on local file as are set on remote file.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-o, --outputfile</term> + <listitem><para>Write the file that is being download to the specified file. Can not be used together with -R.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-f, --rcfile</term> + <listitem><para>Use specified rcfile. This will be loaded in the order it was specified - e.g. if you specify any options before this one, they might get overriden by the contents of the rcfile.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-q, --quiet</term> + <listitem><para>Be quiet</para></listitem> + </varlistentry> + + <varlistentry> + <term>-v, --verbose</term> + <listitem><para>Be verbose</para></listitem> + </varlistentry> + + <varlistentry> + <term>-b, --blocksize</term> + <listitem><para>Number of bytes to download in a block. Defaults to 64000.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-?, --help</term> + <listitem><para>Show help message</para></listitem> + </varlistentry> + + <varlistentry> + <term>--usage</term> + <listitem><para>Display brief usage message</para></listitem> + </varlistentry> +</refsect1> + +<refsect1> + <title>SMB URLS</title> + + <para> SMB URL's should be specified in the following format:</para> + + <para><programlisting> +smb://[[[domain;]user[:password@]]server[/share[/path[/file]]]] +</programlisting></para> + +<para><programlisting> +smb:// means all the workgroups +</programlisting></para> + +<para><programlisting> +smb://name/ means, if <replaceable>name</replaceable> is a workgroup, all the servers in this workgroup, or if <replaceable>name</replaceable> is a server, all the shares on this server. +</programlisting></para> + +</refsect1> + +<refsect1> + <title>EXAMPLES</title> + +<programlisting> +# Recursively download 'src' directory +smbget -R smb://rhonwyn/jelmer/src +# Download FreeBSD ISO and enable resuming +smbget -r smb://rhonwyn/isos/FreeBSD5.1.iso +# Recursively download all ISOs +smbget -Rr smb://rhonwyn/isos +# Backup my data on rhonwyn +smbget -Rr smb://rhonwyn/ +</programlisting> + +</refsect1> + +<refsect1> + <title>BUGS</title> + + <para>Permission denied is returned in some cases where the cause of the error is unknown +(such as an illegally formatted smb:// url or trying to get a directory without -R +turned on).</para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The smbget manpage was written by Jelmer Vernooij.</para> + +</refsect1> + +</refentry> diff --git a/docs/manpages/smbmnt.8.xml b/docs/manpages/smbmnt.8.xml new file mode 100644 index 0000000000..0495fa5be0 --- /dev/null +++ b/docs/manpages/smbmnt.8.xml @@ -0,0 +1,121 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbmnt.8"> + +<refmeta> + <refentrytitle>smbmnt</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbmnt</refname> + <refpurpose>helper utility for mounting SMB filesystems</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbmnt</command> + <arg choice="req">mount-point</arg> + <arg choice="opt">-s <share></arg> + <arg choice="opt">-r</arg> + <arg choice="opt">-u <uid></arg> + <arg choice="opt">-g <gid></arg> + <arg choice="opt">-f <mask></arg> + <arg choice="opt">-d <mask></arg> + <arg choice="opt">-o <options></arg> + <arg choice="opt">-h</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para><command>smbmnt</command> is a helper application used + by the smbmount program to do the actual mounting of SMB shares. + <command>smbmnt</command> can be installed setuid root if you want + normal users to be able to mount their SMB shares.</para> + + <para>A setuid smbmnt will only allow mounts on directories owned + by the user, and that the user has write permission on.</para> + + <para>The <command>smbmnt</command> program is normally invoked + by <citerefentry><refentrytitle>smbmount</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>. It should not be invoked directly by users. </para> + + <para>smbmount searches the normal PATH for smbmnt. You must ensure + that the smbmnt version in your path matches the smbmount used.</para> + +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-r</term> + <listitem><para>mount the filesystem read-only + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-u uid</term> + <listitem><para>specify the uid that the files will + be owned by </para></listitem> + </varlistentry> + + <varlistentry> + <term>-g gid</term> + <listitem><para>specify the gid that the files will be + owned by </para></listitem> + </varlistentry> + + <varlistentry> + <term>-f mask</term> + <listitem><para>specify the octal file mask applied + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-d mask</term> + <listitem><para>specify the octal directory mask + applied </para></listitem> + </varlistentry> + + <varlistentry> + <term>-o options</term> + <listitem><para> + list of options that are passed as-is to smbfs, if this + command is run on a 2.4 or higher Linux kernel. + </para></listitem> + </varlistentry> + + &stdarg.help; + + </variablelist> +</refsect1> + + +<refsect1> + <title>AUTHOR</title> + + <para>Volker Lendecke, Andrew Tridgell, Michael H. Warfield + and others.</para> + + <para>The current maintainer of smbfs and the userspace + tools <command>smbmount</command>, <command>smbumount</command>, + and <command>smbmnt</command> is <ulink + url="mailto:urban@teststation.com">Urban Widmark</ulink>. + The <ulink url="mailto:samba@samba.org">SAMBA Mailing list</ulink> + is the preferred place to ask questions regarding these programs. + </para> + + <para>The conversion of this manpage for Samba 2.2 was performed + by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 + was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbmount.8.xml b/docs/manpages/smbmount.8.xml new file mode 100644 index 0000000000..0017c99cd5 --- /dev/null +++ b/docs/manpages/smbmount.8.xml @@ -0,0 +1,336 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbmount.8"> + +<refmeta> + <refentrytitle>smbmount</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbmount</refname> + <refpurpose>mount an smbfs filesystem</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbmount</command> + <arg choice="req">service</arg> + <arg choice="req">mount-point</arg> + <arg choice="opt">-o options</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para><command>smbmount</command> mounts a Linux SMB filesystem. It + is usually invoked as <command>mount.smbfs</command> by + the <citerefentry><refentrytitle>mount</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> command when using the + "-t smbfs" option. This command only works in Linux, and the kernel must + support the smbfs filesystem. </para> + + <para>Options to <command>smbmount</command> are specified as a comma-separated + list of key=value pairs. It is possible to send options other + than those listed here, assuming that smbfs supports them. If + you get mount failures, check your kernel log for errors on + unknown options.</para> + + <para><command>smbmount</command> is a daemon. After mounting it keeps running until + the mounted smbfs is umounted. It will log things that happen + when in daemon mode using the "machine name" smbmount, so + typically this output will end up in <filename>log.smbmount</filename>. The <command> + smbmount</command> process may also be called mount.smbfs.</para> + + <note><para> <command>smbmount</command> + calls <citerefentry><refentrytitle>smbmnt</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> to do the actual mount. You + must make sure that <command>smbmnt</command> is in the path so + that it can be found. </para></note> + +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>username=<arg></term> + <listitem><para>specifies the username to connect as. If + this is not given, then the environment variable <envar> + USER</envar> is used. This option can also take the + form "user%password" or "user/workgroup" or + "user/workgroup%password" to allow the password and workgroup + to be specified as part of the username.</para></listitem> + </varlistentry> + + <varlistentry> + <term>password=<arg></term> + <listitem><para>specifies the SMB password. If this + option is not given then the environment variable + <envar>PASSWD</envar> is used. If it can find + no password <command>smbmount</command> will prompt + for a passeword, unless the guest option is + given. </para> + + <para> + Note that passwords which contain the argument delimiter + character (i.e. a comma ',') will failed to be parsed correctly + on the command line. However, the same password defined + in the PASSWD environment variable or a credentials file (see + below) will be read correctly. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>credentials=<filename></term> + <listitem><para>specifies a file that contains a username and/or password. +The format of the file is: +<programlisting> +username = <value> +password = <value> +</programlisting></para> + + <para>This is preferred over having passwords in plaintext in a + shared file, such as <filename>/etc/fstab</filename>. Be sure to protect any + credentials file properly. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>krb</term> + <listitem><para>Use kerberos (Active Directory). </para></listitem> + </varlistentry> + + <varlistentry> + <term>netbiosname=<arg></term> + <listitem><para>sets the source NetBIOS name. It defaults + to the local hostname. </para></listitem> + </varlistentry> + + <varlistentry> + <term>uid=<arg></term> + <listitem><para>sets the uid that will own all files on + the mounted filesystem. + It may be specified as either a username or a numeric uid. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>gid=<arg></term> + <listitem><para>sets the gid that will own all files on + the mounted filesystem. + It may be specified as either a groupname or a numeric + gid. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>port=<arg></term> + <listitem><para>sets the remote SMB port number. The default + is 139. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>fmask=<arg></term> + <listitem><para>sets the file mask. This determines the + permissions that remote files have in the local filesystem. + This is not a umask, but the actual permissions for the files. + The default is based on the current umask. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>dmask=<arg></term> + <listitem><para>Sets the directory mask. This determines the + permissions that remote directories have in the local filesystem. + This is not a umask, but the actual permissions for the directories. + The default is based on the current umask. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>debug=<arg></term> + <listitem><para>Sets the debug level. This is useful for + tracking down SMB connection problems. A suggested value to + start with is 4. If set too high there will be a lot of + output, possibly hiding the useful output.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>ip=<arg></term> + <listitem><para>Sets the destination host or IP address. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>workgroup=<arg></term> + <listitem><para>Sets the workgroup on the destination </para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>sockopt=<arg></term> + <listitem><para>Sets the TCP socket options. See the <ulink + url="smb.conf.5.html#SOCKETOPTIONS"><citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry></ulink> <parameter>socket options</parameter> option. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>scope=<arg></term> + <listitem><para>Sets the NetBIOS scope </para></listitem> + </varlistentry> + + <varlistentry> + <term>guest</term> + <listitem><para>Don't prompt for a password </para></listitem> + </varlistentry> + + <varlistentry> + <term>ro</term> + <listitem><para>mount read-only </para></listitem> + </varlistentry> + + <varlistentry> + <term>rw</term><listitem><para>mount read-write </para></listitem> + </varlistentry> + + <varlistentry> + <term>iocharset=<arg></term> + <listitem><para> + sets the charset used by the Linux side for codepage + to charset translations (NLS). Argument should be the + name of a charset, like iso8859-1. (Note: only kernel + 2.4.0 or later) + </para></listitem> + </varlistentry> + + <varlistentry> + <term>codepage=<arg></term> + <listitem><para> + sets the codepage the server uses. See the iocharset + option. Example value cp850. (Note: only kernel 2.4.0 + or later) + </para></listitem> + </varlistentry> + + <varlistentry> + <term>ttl=<arg></term> + <listitem><para> + sets how long a directory listing is cached in milliseconds + (also affects visibility of file size and date + changes). A higher value means that changes on the + server take longer to be noticed but it can give + better performance on large directories, especially + over long distances. Default is 1000ms but something + like 10000ms (10 seconds) is probably more reasonable + in many cases. + (Note: only kernel 2.4.2 or later) + </para></listitem> + </varlistentry> + + </variablelist> + + +</refsect1> + +<refsect1> + <title>ENVIRONMENT VARIABLES</title> + + <para>The variable <envar>USER</envar> may contain the username of the + person using the client. This information is used only if the + protocol level is high enough to support session-level + passwords. The variable can be used to set both username and + password by using the format username%password.</para> + + <para>The variable <envar>PASSWD</envar> may contain the password of the + person using the client. This information is used only if the + protocol level is high enough to support session-level + passwords.</para> + + <para>The variable <envar>PASSWD_FILE</envar> may contain the pathname + of a file to read the password from. A single line of input is + read and used as the password.</para> +</refsect1> + + +<refsect1> + <title>BUGS</title> + + <para>Passwords and other options containing , can not be handled. + For passwords an alternative way of passing them is in a credentials + file or in the PASSWD environment.</para> + + <para>The credentials file does not handle usernames or passwords with + leading space.</para> + + <para>One smbfs bug is important enough to mention here, even if it + is a bit misplaced:</para> + + <itemizedlist> + + <listitem><para>Mounts sometimes stop working. This is usually + caused by smbmount terminating. Since smbfs needs smbmount to + reconnect when the server disconnects, the mount will eventually go + dead. An umount/mount normally fixes this. At least 2 ways to + trigger this bug are known.</para></listitem> + + </itemizedlist> + + <para>Note that the typical response to a bug report is suggestion + to try the latest version first. So please try doing that first, + and always include which versions you use of relevant software + when reporting bugs (minimum: samba, kernel, distribution)</para> + +</refsect1> + + +<refsect1> + <title>SEE ALSO</title> + + <para>Documentation/filesystems/smbfs.txt in the linux kernel + source tree may contain additional options and information.</para> + + <para>FreeBSD also has a smbfs, but it is not related to smbmount</para> + + <para>For Solaris, HP-UX and others you may want to look at <citerefentry><refentrytitle>smbsh</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> or at other solutions, such as + Sharity or perhaps replacing the SMB server with a NFS server.</para> + +</refsect1> + + +<refsect1> + <title>AUTHOR</title> + + <para>Volker Lendecke, Andrew Tridgell, Michael H. Warfield + and others.</para> + + <para>The current maintainer of smbfs and the userspace + tools <command>smbmount</command>, <command>smbumount</command>, + and <command>smbmnt</command> is <ulink + url="mailto:urban@teststation.com">Urban Widmark</ulink>. + The <ulink url="mailto:samba@samba.org">SAMBA Mailing list</ulink> + is the preferred place to ask questions regarding these programs. + </para> + + <para>The conversion of this manpage for Samba 2.2 was performed + by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 + was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbpasswd.5.xml b/docs/manpages/smbpasswd.5.xml new file mode 100644 index 0000000000..cb6a6070bd --- /dev/null +++ b/docs/manpages/smbpasswd.5.xml @@ -0,0 +1,208 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbpasswd.5"> + +<refmeta> + <refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbpasswd</refname> + <refpurpose>The Samba encrypted password file</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <para><filename>smbpasswd</filename></para> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>smbpasswd is the Samba encrypted password file. It contains + the username, Unix user id and the SMB hashed passwords of the + user, as well as account flag information and the time the + password was last changed. This file format has been evolving with + Samba and has had several different formats in the past. </para> +</refsect1> + +<refsect1> + <title>FILE FORMAT</title> + + <para>The format of the smbpasswd file used by Samba 2.2 + is very similar to the familiar Unix <filename>passwd(5)</filename> + file. It is an ASCII file containing one line for each user. Each field + ithin each line is separated from the next by a colon. Any entry + beginning with '#' is ignored. The smbpasswd file contains the + following information for each user: </para> + + <variablelist> + <varlistentry> + <term>name</term> + <listitem><para> This is the user name. It must be a name that + already exists in the standard UNIX passwd file. </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>uid</term> + <listitem><para>This is the UNIX uid. It must match the uid + field for the same user entry in the standard UNIX passwd file. + If this does not match then Samba will refuse to recognize + this smbpasswd file entry as being valid for a user. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>Lanman Password Hash</term> + <listitem><para>This is the LANMAN hash of the user's password, + encoded as 32 hex digits. The LANMAN hash is created by DES + encrypting a well known string with the user's password as the + DES key. This is the same password used by Windows 95/98 machines. + Note that this password hash is regarded as weak as it is + vulnerable to dictionary attacks and if two users choose the + same password this entry will be identical (i.e. the password + is not "salted" as the UNIX password is). If the user has a + null password this field will contain the characters "NO PASSWORD" + as the start of the hex string. If the hex string is equal to + 32 'X' characters then the user's account is marked as + <constant>disabled</constant> and the user will not be able to + log onto the Samba server. </para> + + <para><emphasis>WARNING !!</emphasis> Note that, due to + the challenge-response nature of the SMB/CIFS authentication + protocol, anyone with a knowledge of this password hash will + be able to impersonate the user on the network. For this + reason these hashes are known as <emphasis>plain text + equivalents</emphasis> and must <emphasis>NOT</emphasis> be made + available to anyone but the root user. To protect these passwords + the smbpasswd file is placed in a directory with read and + traverse access only to the root user and the smbpasswd file + itself must be set to be read/write only by root, with no + other access. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>NT Password Hash</term> + <listitem><para>This is the Windows NT hash of the user's + password, encoded as 32 hex digits. The Windows NT hash is + created by taking the user's password as represented in + 16-bit, little-endian UNICODE and then applying the MD4 + (internet rfc1321) hashing algorithm to it. </para> + + <para>This password hash is considered more secure than + the LANMAN Password Hash as it preserves the case of the + password and uses a much higher quality hashing algorithm. + However, it is still the case that if two users choose the same + password this entry will be identical (i.e. the password is + not "salted" as the UNIX password is). </para> + + <para><emphasis>WARNING !!</emphasis>. Note that, due to + the challenge-response nature of the SMB/CIFS authentication + protocol, anyone with a knowledge of this password hash will + be able to impersonate the user on the network. For this + reason these hashes are known as <emphasis>plain text + equivalents</emphasis> and must <emphasis>NOT</emphasis> be made + available to anyone but the root user. To protect these passwords + the smbpasswd file is placed in a directory with read and + traverse access only to the root user and the smbpasswd file + itself must be set to be read/write only by root, with no + other access. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>Account Flags</term> + <listitem><para>This section contains flags that describe + the attributes of the users account. In the Samba 2.2 release + this field is bracketed by '[' and ']' characters and is always + 13 characters in length (including the '[' and ']' characters). + The contents of this field may be any of the following characters: + </para> + + <itemizedlist> + <listitem><para><emphasis>U</emphasis> - This means + this is a "User" account, i.e. an ordinary user. Only User + and Workstation Trust accounts are currently supported + in the smbpasswd file. </para></listitem> + + <listitem><para><emphasis>N</emphasis> - This means the + account has no password (the passwords in the fields LANMAN + Password Hash and NT Password Hash are ignored). Note that this + will only allow users to log on with no password if the <parameter> + null passwords</parameter> parameter is set in the + <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> config file. </para></listitem> + + <listitem><para><emphasis>D</emphasis> - This means the account + is disabled and no SMB/CIFS logins will be allowed for this user. </para></listitem> + + <listitem><para><emphasis>W</emphasis> - This means this account + is a "Workstation Trust" account. This kind of account is used + in the Samba PDC code stream to allow Windows NT Workstations + and Servers to join a Domain hosted by a Samba PDC. </para> + </listitem> + </itemizedlist> + + <para>Other flags may be added as the code is extended in future. + The rest of this field space is filled in with spaces. </para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>Last Change Time</term> + <listitem><para>This field consists of the time the account was + last modified. It consists of the characters 'LCT-' (standing for + "Last Change Time") followed by a numeric encoding of the UNIX time + in seconds since the epoch (1970) that the last change was made. + </para></listitem> + </varlistentry> + </variablelist> + + <para>All other colon separated fields are ignored at this time.</para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry>, and + the Internet RFC1321 for details on the MD4 algorithm. + </para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink noescape="1" url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbpasswd.8.xml b/docs/manpages/smbpasswd.8.xml new file mode 100644 index 0000000000..3ee3a9e12e --- /dev/null +++ b/docs/manpages/smbpasswd.8.xml @@ -0,0 +1,405 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbpasswd.8"> + +<refmeta> + <refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbpasswd</refname> + <refpurpose>change a user's SMB password</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbpasswd</command> + <arg choice="opt">-a</arg> + <arg choice="opt">-x</arg> + <arg choice="opt">-d</arg> + <arg choice="opt">-e</arg> + <arg choice="opt">-D debuglevel</arg> + <arg choice="opt">-n</arg> + <arg choice="opt">-r <remote machine></arg> + <arg choice="opt">-R <name resolve order></arg> + <arg choice="opt">-m</arg> + <arg choice="opt">-U username[%password]</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-s</arg> + <arg choice="opt">-w pass</arg> + <arg choice="opt">-i</arg> + <arg choice="opt">-L</arg> + <arg choice="opt">username</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The smbpasswd program has several different + functions, depending on whether it is run by the <emphasis>root</emphasis> user + or not. When run as a normal user it allows the user to change + the password used for their SMB sessions on any machines that store + SMB passwords. </para> + + <para>By default (when run with no arguments) it will attempt to + change the current user's SMB password on the local machine. This is + similar to the way the <command>passwd(1)</command> program works. <command> + smbpasswd</command> differs from how the passwd program works + however in that it is not <emphasis>setuid root</emphasis> but works in + a client-server mode and communicates with a + locally running <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>. As a consequence in order for this to + succeed the smbd daemon must be running on the local machine. On a + UNIX machine the encrypted SMB passwords are usually stored in + the <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file. </para> + + <para>When run by an ordinary user with no options, smbpasswd + will prompt them for their old SMB password and then ask them + for their new password twice, to ensure that the new password + was typed correctly. No passwords will be echoed on the screen + whilst being typed. If you have a blank SMB password (specified by + the string "NO PASSWORD" in the smbpasswd file) then just press + the <Enter> key when asked for your old password. </para> + + <para>smbpasswd can also be used by a normal user to change their + SMB password on remote machines, such as Windows NT Primary Domain + Controllers. See the (<parameter>-r</parameter>) and <parameter>-U</parameter> options + below. </para> + + <para>When run by root, smbpasswd allows new users to be added + and deleted in the smbpasswd file, as well as allows changes to + the attributes of the user in this file to be made. When run by root, <command> + smbpasswd</command> accesses the local smbpasswd file + directly, thus enabling changes to be made even if smbd is not + running. </para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + <variablelist> + <varlistentry> + <term>-a</term> + <listitem><para>This option specifies that the username + following should be added to the local smbpasswd file, with the + new password typed (type <Enter> for the old password). This + option is ignored if the username following already exists in + the smbpasswd file and it is treated like a regular change + password command. Note that the default passdb backends require + the user to already exist in the system password file (usually + <filename>/etc/passwd</filename>), else the request to add the + user will fail. </para> + + <para>This option is only available when running smbpasswd + as root. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-x</term> + <listitem><para>This option specifies that the username + following should be deleted from the local smbpasswd file. + </para> + + <para>This option is only available when running smbpasswd as + root.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-d</term> + <listitem><para>This option specifies that the username following + should be <constant>disabled</constant> in the local smbpasswd + file. This is done by writing a <constant>'D'</constant> flag + into the account control space in the smbpasswd file. Once this + is done all attempts to authenticate via SMB using this username + will fail. </para> + + <para>If the smbpasswd file is in the 'old' format (pre-Samba 2.0 + format) there is no space in the user's password entry to write + this information and the command will FAIL. See <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for details on the 'old' and new password file formats. + </para> + + <para>This option is only available when running smbpasswd as + root.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-e</term> + <listitem><para>This option specifies that the username following + should be <constant>enabled</constant> in the local smbpasswd file, + if the account was previously disabled. If the account was not + disabled this option has no effect. Once the account is enabled then + the user will be able to authenticate via SMB once again. </para> + + <para>If the smbpasswd file is in the 'old' format, then <command> + smbpasswd</command> will FAIL to enable the account. + See <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for + details on the 'old' and new password file formats. </para> + + <para>This option is only available when running smbpasswd as root. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-D debuglevel</term> + <listitem><para><replaceable>debuglevel</replaceable> is an integer + from 0 to 10. The default value if this parameter is not specified + is zero. </para> + + <para>The higher this value, the more detail will be logged to the + log files about the activities of smbpasswd. At level 0, only + critical errors and serious warnings will be logged. </para> + + <para>Levels above 1 will generate considerable amounts of log + data, and should only be used when investigating a problem. Levels + above 3 are designed for use only by developers and generate + HUGE amounts of log data, most of which is extremely cryptic. + </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-n</term> + <listitem><para>This option specifies that the username following + should have their password set to null (i.e. a blank password) in + the local smbpasswd file. This is done by writing the string "NO + PASSWORD" as the first part of the first password stored in the + smbpasswd file. </para> + + <para>Note that to allow users to logon to a Samba server once + the password has been set to "NO PASSWORD" in the smbpasswd + file the administrator must set the following parameter in the [global] + section of the <filename>smb.conf</filename> file : </para> + + <para><command>null passwords = yes</command></para> + + <para>This option is only available when running smbpasswd as + root.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-r remote machine name</term> + <listitem><para>This option allows a user to specify what machine + they wish to change their password on. Without this parameter + smbpasswd defaults to the local host. The <replaceable>remote + machine name</replaceable> is the NetBIOS name of the SMB/CIFS + server to contact to attempt the password change. This name is + resolved into an IP address using the standard name resolution + mechanism in all programs of the Samba suite. See the <parameter>-R + name resolve order</parameter> parameter for details on changing + this resolving mechanism. </para> + + <para>The username whose password is changed is that of the + current UNIX logged on user. See the <parameter>-U username</parameter> + parameter for details on changing the password for a different + username. </para> + + <para>Note that if changing a Windows NT Domain password the + remote machine specified must be the Primary Domain Controller for + the domain (Backup Domain Controllers only have a read-only + copy of the user account database and will not allow the password + change).</para> + + <para><emphasis>Note</emphasis> that Windows 95/98 do not have + a real password database so it is not possible to change passwords + specifying a Win95/98 machine as remote machine target. </para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-R name resolve order</term> + <listitem><para>This option allows the user of smbpasswd to determine + what name resolution services to use when looking up the NetBIOS + name of the host being connected to. </para> + + <para>The options are :"lmhosts", "host", "wins" and "bcast". They + cause names to be resolved as follows: </para> + <itemizedlist> + <listitem><para><constant>lmhosts</constant>: Lookup an IP + address in the Samba lmhosts file. If the line in lmhosts has + no name type attached to the NetBIOS name (see the <citerefentry><refentrytitle>lmhosts</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for details) then + any name type matches for lookup.</para></listitem> + + <listitem><para><constant>host</constant>: Do a standard host + name to IP address resolution, using the system <filename>/etc/hosts + </filename>, NIS, or DNS lookups. This method of name resolution + is operating system depended for instance on IRIX or Solaris this + may be controlled by the <filename>/etc/nsswitch.conf</filename> + file). Note that this method is only used if the NetBIOS name + type being queried is the 0x20 (server) name type, otherwise + it is ignored.</para></listitem> + + <listitem><para><constant>wins</constant>: Query a name with + the IP address listed in the <parameter>wins server</parameter> + parameter. If no WINS server has been specified this method + will be ignored.</para></listitem> + + <listitem><para><constant>bcast</constant>: Do a broadcast on + each of the known local interfaces listed in the + <parameter>interfaces</parameter> parameter. This is the least + reliable of the name resolution methods as it depends on the + target host being on a locally connected subnet.</para></listitem> + </itemizedlist> + + <para>The default order is <command>lmhosts, host, wins, bcast</command> + and without this parameter or any entry in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file the name resolution methods will + be attempted in this order. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-m</term> + <listitem><para>This option tells smbpasswd that the account + being changed is a MACHINE account. Currently this is used + when Samba is being used as an NT Primary Domain Controller.</para> + + <para>This option is only available when running smbpasswd as root. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-U username</term> + <listitem><para>This option may only be used in conjunction + with the <parameter>-r</parameter> option. When changing + a password on a remote machine it allows the user to specify + the user name on that machine whose password will be changed. It + is present to allow users who have different user names on + different systems to change these passwords. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-h</term> + <listitem><para>This option prints the help string for <command> + smbpasswd</command>, selecting the correct one for running as root + or as an ordinary user. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-s</term> + <listitem><para>This option causes smbpasswd to be silent (i.e. + not issue prompts) and to read its old and new passwords from + standard input, rather than from <filename>/dev/tty</filename> + (like the <command>passwd(1)</command> program does). This option + is to aid people writing scripts to drive smbpasswd</para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-w password</term> + <listitem><para>This parameter is only available if Samba + has been configured to use the experimental + <command>--with-ldapsam</command> option. The <parameter>-w</parameter> + switch is used to specify the password to be used with the + <smbconfoption><name>ldap admin dn</name></smbconfoption>. Note that the password is stored in + the <filename>secrets.tdb</filename> and is keyed off + of the admin's DN. This means that if the value of <parameter>ldap + admin dn</parameter> ever changes, the password will need to be + manually updated as well. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-i</term> + <listitem><para>This option tells smbpasswd that the account + being changed is an interdomain trust account. Currently this is used + when Samba is being used as an NT Primary Domain Controller. + The account contains the info about another trusted domain.</para> + + <para>This option is only available when running smbpasswd as root. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-L</term> + <listitem><para>Run in local mode.</para></listitem> + </varlistentry> + + <varlistentry> + <term>username</term> + <listitem><para>This specifies the username for all of the + <emphasis>root only</emphasis> options to operate on. Only root + can specify this parameter as only root has the permission needed + to modify attributes directly in the local smbpasswd file. + </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>NOTES</title> + + <para>Since <command>smbpasswd</command> works in client-server + mode communicating with a local smbd for a non-root user then + the smbd daemon must be running for this to work. A common problem + is to add a restriction to the hosts that may access the <command> + smbd</command> running on the local machine by specifying either <parameter>allow + hosts</parameter> or <parameter>deny hosts</parameter> entry in + the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file and neglecting to + allow "localhost" access to the smbd. </para> + + <para>In addition, the smbpasswd command is only useful if Samba + has been set up to use encrypted passwords. </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbsh.1.xml b/docs/manpages/smbsh.1.xml new file mode 100644 index 0000000000..36319085b8 --- /dev/null +++ b/docs/manpages/smbsh.1.xml @@ -0,0 +1,164 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbsh.1"> + +<refmeta> + <refentrytitle>smbsh</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbsh</refname> + <refpurpose>Allows access to remote SMB shares + using UNIX commands</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbsh</command> + <arg choice="opt">-W workgroup</arg> + <arg choice="opt">-U username</arg> + <arg choice="opt">-P prefix</arg> + <arg choice="opt">-R <name resolve order></arg> + <arg choice="opt">-d <debug level></arg> + <arg choice="opt">-l logdir</arg> + <arg choice="opt">-L libdir</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbsh</command> allows you to access an NT filesystem + using UNIX commands such as <command>ls</command>, <command> + egrep</command>, and <command>rcp</command>. You must use a + shell that is dynamically linked in order for <command>smbsh</command> + to work correctly.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-W WORKGROUP</term> + <listitem><para>Override the default workgroup specified in the + workgroup parameter of the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file + for this session. This may be needed to connect to some + servers. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-U username[%pass]</term> + <listitem><para>Sets the SMB username or username and password. + If this option is not specified, the user will be prompted for + both the username and the password. If %pass is not specified, + the user will be prompted for the password. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-P prefix</term> + <listitem><para>This option allows + the user to set the directory prefix for SMB access. The + default value if this option is not specified is + <emphasis>smb</emphasis>. + </para></listitem> + </varlistentry> + + &stdarg.configfile; + &stdarg.debug; + &stdarg.resolve.order; + + <varlistentry> + <term>-L libdir</term> + <listitem><para>This parameter specifies the location of the + shared libraries used by <command>smbsh</command>. The default + value is specified at compile time. + </para></listitem> + </varlistentry> + + </variablelist> +</refsect1> + +<refsect1> + <title>EXAMPLES</title> + + <para>To use the <command>smbsh</command> command, execute <command> + smbsh</command> from the prompt and enter the username and password + that authenticates you to the machine running the Windows NT + operating system. +<programlisting> +<prompt>system% </prompt><userinput>smbsh</userinput> +<prompt>Username: </prompt><userinput>user</userinput> +<prompt>Password: </prompt><userinput>XXXXXXX</userinput> +</programlisting></para> + + + <para>Any dynamically linked command you execute from + this shell will access the <filename>/smb</filename> directory + using the smb protocol. For example, the command <command>ls /smb + </command> will show a list of workgroups. The command + <command>ls /smb/MYGROUP </command> will show all the machines in + the workgroup MYGROUP. The command + <command>ls /smb/MYGROUP/<machine-name></command> will show the share + names for that machine. You could then, for example, use the <command> + cd</command> command to change directories, <command>vi</command> to + edit files, and <command>rcp</command> to copy files.</para> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>BUGS</title> + + <para><command>smbsh</command> works by intercepting the standard + libc calls with the dynamically loaded versions in <filename> + smbwrapper.o</filename>. Not all calls have been "wrapped", so + some programs may not function correctly under <command>smbsh + </command>.</para> + + <para>Programs which are not dynamically linked cannot make + use of <command>smbsh</command>'s functionality. Most versions + of UNIX have a <command>file</command> command that will + describe how a program was linked.</para> +</refsect1> + + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbspool.8.xml b/docs/manpages/smbspool.8.xml new file mode 100644 index 0000000000..ec62a0d5df --- /dev/null +++ b/docs/manpages/smbspool.8.xml @@ -0,0 +1,132 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbspool.8"> + +<refmeta> + <refentrytitle>smbspool</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbspool</refname> + <refpurpose>send a print file to an SMB printer</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbspool</command> + <arg choice="req">job</arg> + <arg choice="req">user</arg> + <arg choice="req">title</arg> + <arg choice="req">copies</arg> + <arg choice="req">options</arg> + <arg choice="opt">filename</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>smbspool is a very small print spooling program that + sends a print file to an SMB printer. The command-line arguments + are position-dependent for compatibility with the Common UNIX + Printing System, but you can use smbspool with any printing system + or from a program or script.</para> + + <para><emphasis>DEVICE URI</emphasis></para> + + <para>smbspool specifies the destination using a Uniform Resource + Identifier ("URI") with a method of "smb". This string can take + a number of forms:</para> + + <itemizedlist> + <listitem><para>smb://server/printer</para></listitem> + <listitem><para>smb://workgroup/server/printer</para></listitem> + <listitem><para>smb://username:password@server/printer</para></listitem> + <listitem><para>smb://username:password@workgroup/server/printer</para></listitem> + </itemizedlist> + + <para>smbspool tries to get the URI from argv[0]. If argv[0] + contains the name of the program then it looks in the <envar> + DEVICE_URI</envar> environment variable.</para> + + <para>Programs using the <command>exec(2)</command> functions can + pass the URI in argv[0], while shell scripts must set the + <envar>DEVICE_URI</envar> environment variable prior to + running smbspool.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <itemizedlist> + <listitem><para>The job argument (argv[1]) contains the + job ID number and is presently not used by smbspool. + </para></listitem> + + <listitem><para>The user argument (argv[2]) contains the + print user's name and is presently not used by smbspool. + </para></listitem> + + <listitem><para>The title argument (argv[3]) contains the + job title string and is passed as the remote file name + when sending the print job.</para></listitem> + + <listitem><para>The copies argument (argv[4]) contains + the number of copies to be printed of the named file. If + no filename is provided then this argument is not used by + smbspool.</para></listitem> + + <listitem><para>The options argument (argv[5]) contains + the print options in a single string and is currently + not used by smbspool.</para></listitem> + + <listitem><para>The filename argument (argv[6]) contains the + name of the file to print. If this argument is not specified + then the print file is read from the standard input.</para> + </listitem> + </itemizedlist> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para><command>smbspool</command> was written by Michael Sweet + at Easy Software Products.</para> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbstatus.1.xml b/docs/manpages/smbstatus.1.xml new file mode 100644 index 0000000000..1e96b39263 --- /dev/null +++ b/docs/manpages/smbstatus.1.xml @@ -0,0 +1,140 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbstatus.1"> + +<refmeta> + <refentrytitle>smbstatus</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbstatus</refname> + <refpurpose>report on current Samba connections</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbstatus</command> + <arg choice="opt">-P</arg> + <arg choice="opt">-b</arg> + <arg choice="opt">-d <debug level></arg> + <arg choice="opt">-v</arg> + <arg choice="opt">-L</arg> + <arg choice="opt">-B</arg> + <arg choice="opt">-p</arg> + <arg choice="opt">-S</arg> + <arg choice="opt">-s <configuration file></arg> + <arg choice="opt">-u <username></arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbstatus</command> is a very simple program to + list the current Samba connections.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-P|--profile</term> + <listitem><para>If samba has been compiled with the + profiling option, print only the contents of the profiling + shared memory area.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-b|--brief</term> + <listitem><para>gives brief output.</para></listitem> + </varlistentry> + + &popt.common.samba; + + <varlistentry> + <term>-v|--verbose</term> + <listitem><para>gives verbose output.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-L|--locks</term> + <listitem><para>causes smbstatus to only list locks.</para> + </listitem> + </varlistentry> + + + <varlistentry> + <term>-B|--byterange</term> + <listitem><para>causes smbstatus to include byte range locks. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-p|--processes</term> + <listitem><para>print a list of <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> processes and exit. + Useful for scripting.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-S|--shares</term> + <listitem><para>causes smbstatus to only list shares.</para> + </listitem> + </varlistentry> + + &stdarg.help; + + <varlistentry> + <term>-u|--user=<username></term> + <listitem><para>selects information relevant to + <parameter>username</parameter> only.</para> + </listitem> + </varlistentry> + + </variablelist> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbtar.1.xml b/docs/manpages/smbtar.1.xml new file mode 100644 index 0000000000..c773937844 --- /dev/null +++ b/docs/manpages/smbtar.1.xml @@ -0,0 +1,237 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbtar.1"> + +<refmeta> + <refentrytitle>smbtar</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbtar</refname> + <refpurpose>shell script for backing up SMB/CIFS shares + directly to UNIX tape drives</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbtar</command> + <arg choice="opt">-r</arg> + <arg choice="opt">-i</arg> + <arg choice="opt">-a</arg> + <arg choice="opt">-v</arg> + <arg choice="req">-s server</arg> + <arg choice="opt">-p password</arg> + <arg choice="opt">-x services</arg> + <arg choice="opt">-X</arg> + <arg choice="opt">-N filename</arg> + <arg choice="opt">-b blocksize</arg> + <arg choice="opt">-d directory</arg> + <arg choice="opt">-l loglevel</arg> + <arg choice="opt">-u user</arg> + <arg choice="opt">-t tape</arg> + <arg choice="req">filenames</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbtar</command> is a very small shell script on top + of <citerefentry><refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum> + </citerefentry> which dumps SMB shares directly to tape.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-s server</term> + <listitem><para>The SMB/CIFS server that the share resides + upon.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-x service</term> + <listitem><para>The share name on the server to connect to. + The default is "backup".</para></listitem> + </varlistentry> + + + <varlistentry> + <term>-X</term> + <listitem><para>Exclude mode. Exclude filenames... from tar + create or restore. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-d directory</term> + <listitem><para>Change to initial <parameter>directory + </parameter> before restoring / backing up files. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-v</term> + <listitem><para>Verbose mode.</para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-p password</term> + <listitem><para>The password to use to access a share. + Default: none </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-u user</term> + <listitem><para>The user id to connect as. Default: + UNIX login name. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-a</term> + <listitem><para>Reset DOS archive bit mode to + indicate file has been archived. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-t tape</term> + <listitem><para>Tape device. May be regular file or tape + device. Default: <parameter>$TAPE</parameter> environmental + variable; if not set, a file called <filename>tar.out + </filename>. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-b blocksize</term> + <listitem><para>Blocking factor. Defaults to 20. See + <command>tar(1)</command> for a fuller explanation. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-N filename</term> + <listitem><para>Backup only files newer than filename. Could + be used (for example) on a log file to implement incremental + backups. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-i</term> + <listitem><para>Incremental mode; tar files are only backed + up if they have the archive bit set. The archive bit is reset + after each file is read. </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-r</term> + <listitem><para>Restore. Files are restored to the share + from the tar file. </para></listitem> + </varlistentry> + + + + <varlistentry> + <term>-l log level</term> + <listitem><para>Log (debug) level. Corresponds to the + <parameter>-d</parameter> flag of <citerefentry> + <refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>ENVIRONMENT VARIABLES</title> + + <para>The <parameter>$TAPE</parameter> variable specifies the + default tape device to write to. May be overridden + with the -t option. </para> +</refsect1> + + +<refsect1> + <title>BUGS</title> + + <para>The <command>smbtar</command> script has different + options from ordinary tar and from smbclient's tar command. </para> + +</refsect1> + +<refsect1> + <title>CAVEATS</title> + + <para>Sites that are more careful about security may not like + the way the script handles PC passwords. Backup and restore work + on entire shares; should work on file lists. smbtar works best + with GNU tar and may not work well with other versions. </para> +</refsect1> + + +<refsect1> + <title>DIAGNOSTICS</title> + + <para>See the <emphasis>DIAGNOSTICS</emphasis> section for the <citerefentry> + <refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum> + </citerefentry> command.</para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry> + <refentrytitle>smbclient</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + +<para><ulink noescape="1" url="mailto:poultenr@logica.co.uk">Ricky Poulten</ulink> + wrote the tar extension and this man page. The <command>smbtar</command> + script was heavily rewritten and improved by <ulink noescape="1" + url="mailto:Martin.Kraemer@mch.sni.de">Martin Kraemer</ulink>. Many + thanks to everyone who suggested extensions, improvements, bug + fixes, etc. The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink noescape="1" url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for + Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbtree.1.xml b/docs/manpages/smbtree.1.xml new file mode 100644 index 0000000000..f9661f4849 --- /dev/null +++ b/docs/manpages/smbtree.1.xml @@ -0,0 +1,95 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbtree.1"> + +<refmeta> + <refentrytitle>smbtree</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbtree</refname> + <refpurpose>A text based smb network browser + </refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbtree</command> + <arg choice="opt">-b</arg> + <arg choice="opt">-D</arg> + <arg choice="opt">-S</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>smbtree</command> is a smb browser program + in text mode. It is similar to the "Network Neighborhood" found + on Windows computers. It prints a tree with all + the known domains, the servers in those domains and + the shares on the servers. + </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-b</term> + <listitem><para>Query network nodes by sending requests + as broadcasts instead of querying the local master browser. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-D</term> + <listitem><para>Only print a list of all + the domains known on broadcast or by the + master browser</para></listitem> + </varlistentry> + + <varlistentry> + <term>-S</term> + <listitem><para>Only print a list of + all the domains and servers responding on broadcast or + known by the master browser. + </para></listitem> + </varlistentry> + + &popt.common.samba; + &popt.common.credentials; + &stdarg.help; + + </variablelist> +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The smbtree man page was written by Jelmer Vernooij. </para> +</refsect1> + +</refentry> diff --git a/docs/manpages/smbumount.8.xml b/docs/manpages/smbumount.8.xml new file mode 100644 index 0000000000..d8feb8e938 --- /dev/null +++ b/docs/manpages/smbumount.8.xml @@ -0,0 +1,78 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="smbumount.8"> + +<refmeta> + <refentrytitle>smbumount</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>smbumount</refname> + <refpurpose>smbfs umount for normal users</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>smbumount</command> + <arg choice="req">mount-point</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>With this program, normal users can unmount smb-filesystems, + provided that it is suid root. <command>smbumount</command> has + been written to give normal Linux users more control over their + resources. It is safe to install this program suid root, because only + the user who has mounted a filesystem is allowed to unmount it again. + For root it is not necessary to use smbumount. The normal umount + program works perfectly well, but it would certainly be problematic + to make umount setuid root.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>mount-point</term> + <listitem><para>The directory to unmount.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>SEE ALSO</title> + + <para><citerefentry><refentrytitle>smbmount</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></para> +</refsect1> + + +<refsect1> + <title>AUTHOR</title> + + <para>Volker Lendecke, Andrew Tridgell, Michael H. Warfield + and others.</para> + + <para>The current maintainer of smbfs and the userspace + tools <command>smbmount</command>, <command>smbumount</command>, + and <command>smbmnt</command> is <ulink + url="mailto:urban@teststation.com">Urban Widmark</ulink>. + The <ulink url="mailto:samba@samba.org">SAMBA Mailing list</ulink> + is the preferred place to ask questions regarding these programs. + </para> + + <para>The conversion of this manpage for Samba 2.2 was performed + by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 + was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/swat.8.xml b/docs/manpages/swat.8.xml new file mode 100644 index 0000000000..902918d932 --- /dev/null +++ b/docs/manpages/swat.8.xml @@ -0,0 +1,227 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="swat.8"> + +<refmeta> + <refentrytitle>swat</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>swat</refname> + <refpurpose>Samba Web Administration Tool</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>swat</command> + <arg choice="opt">-s <smb config file></arg> + <arg choice="opt">-a</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + + <para><command>swat</command> allows a Samba administrator to + configure the complex <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file via a Web browser. In addition, + a <command>swat</command> configuration page has help links + to all the configurable options in the <filename>smb.conf</filename> file allowing an + administrator to easily look up the effects of any change. </para> + + <para><command>swat</command> is run from <command>inetd</command> </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-s smb configuration file</term> + <listitem><para>The default configuration file path is + determined at compile time. The file specified contains + the configuration details required by the <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> server. This is the file + that <command>swat</command> will modify. + The information in this file includes server-specific + information such as what printcap file to use, as well as + descriptions of all the services that the server is to provide. + See <filename>smb.conf</filename> for more information. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-a</term> + <listitem><para>This option disables authentication and puts + <command>swat</command> in demo mode. In that mode anyone will be able to modify + the <filename>smb.conf</filename> file. </para> + + <para><emphasis>WARNING: Do NOT enable this option on a production + server. </emphasis></para></listitem> + </varlistentry> + + &popt.common.samba; + &stdarg.help; + + </variablelist> + +</refsect1> + +<refsect1> + + <title>INSTALLATION</title> + + <para>Swat is included as binary package with most distributions. The + package manager in this case takes care of the installation and + configuration. This section is only for those who have compiled + swat from scratch. + </para> + + <para>After you compile SWAT you need to run <command>make install + </command> to install the <command>swat</command> binary + and the various help files and images. A default install would put + these in: </para> + + <itemizedlist> + <listitem><para>/usr/local/samba/bin/swat</para></listitem> + <listitem><para>/usr/local/samba/swat/images/*</para></listitem> + <listitem><para>/usr/local/samba/swat/help/*</para></listitem> + </itemizedlist> + + <refsect2> + <title>Inetd Installation</title> + + <para>You need to edit your <filename>/etc/inetd.conf + </filename> and <filename>/etc/services</filename> + to enable SWAT to be launched via <command>inetd</command>.</para> + + <para>In <filename>/etc/services</filename> you need to + add a line like this: </para> + + <para><command>swat 901/tcp</command></para> + + <para>Note for NIS/YP and LDAP users - you may need to rebuild the + NIS service maps rather than alter your local <filename> + /etc/services</filename> file. </para> + + <para>the choice of port number isn't really important + except that it should be less than 1024 and not currently + used (using a number above 1024 presents an obscure security + hole depending on the implementation details of your + <command>inetd</command> daemon). </para> + + <para>In <filename>/etc/inetd.conf</filename> you should + add a line like this: </para> + + <para><command>swat stream tcp nowait.400 root + /usr/local/samba/bin/swat swat</command></para> + + <para>Once you have edited <filename>/etc/services</filename> + and <filename>/etc/inetd.conf</filename> you need to send a + HUP signal to inetd. To do this use <command>kill -1 PID + </command> where PID is the process ID of the inetd daemon. </para> + + </refsect2> + + + +</refsect1> + +<refsect1> + <title>LAUNCHING</title> + + <para>To launch SWAT just run your favorite web browser and + point it at "http://localhost:901/".</para> + + <para>Note that you can attach to SWAT from any IP connected + machine but connecting from a remote machine leaves your + connection open to password sniffing as passwords will be sent + in the clear over the wire. </para> +</refsect1> + +<refsect1> + <title>FILES</title> + + <variablelist> + <varlistentry> + <term><filename>/etc/inetd.conf</filename></term> + <listitem><para>This file must contain suitable startup + information for the meta-daemon.</para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/etc/services</filename></term> + <listitem><para>This file must contain a mapping of service name + (e.g., swat) to service port (e.g., 901) and protocol type + (e.g., tcp). </para></listitem> + </varlistentry> + + <varlistentry> + <term><filename>/usr/local/samba/lib/smb.conf</filename></term> + <listitem><para>This is the default location of the <citerefentry> + <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry> server configuration file that swat edits. Other + common places that systems install this file are <filename> + /usr/samba/lib/smb.conf</filename> and <filename>/etc/smb.conf + </filename>. This file describes all the services the server + is to make available to clients. </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>WARNINGS</title> + + <para><command>swat</command> will rewrite your <citerefentry> + <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry> file. It will rearrange the entries and delete all + comments, <parameter>include=</parameter> and <parameter>copy= + </parameter> options. If you have a carefully crafted <filename> + smb.conf</filename> then back it up or don't use swat! </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><command>inetd(5)</command>, <citerefentry> + <refentrytitle>smbd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for + Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/tdbbackup.8.xml b/docs/manpages/tdbbackup.8.xml new file mode 100644 index 0000000000..e5f060b101 --- /dev/null +++ b/docs/manpages/tdbbackup.8.xml @@ -0,0 +1,135 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="tdbbackup.8"> + +<refmeta> + <refentrytitle>tdbbackup</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>tdbbackup</refname> + <refpurpose>tool for backing up and for validating the integrity of samba .tdb files</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>tdbbackup</command> + <arg choice="opt">-s suffix</arg> + <arg choice="opt">-v</arg> + <arg choice="opt">-h</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> suite.</para> + + <para><command>tdbbackup</command> is a tool that may be used to backup samba .tdb + files. This tool may also be used to verify the integrity of the .tdb files prior + to samba startup, in which case, if it find file damage and it finds a prior backup + it will restore the backup file. + </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + + <varlistentry> + <term>-h</term> + <listitem><para> + Get help information. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-s suffix</term> + <listitem><para> + The <command>-s</command> option allows the adminisistrator to specify a file + backup extension. This way it is possible to keep a history of tdb backup + files by using a new suffix for each backup. + </para> </listitem> + </varlistentry> + + <varlistentry> + <term>-v</term> + <listitem><para> + The <command>-v</command> will check the database for damages (currupt data) + which if detected causes the backup to be restored. + </para></listitem> + </varlistentry> + + </variablelist> +</refsect1> + + +<refsect1> + <title>COMMANDS</title> + + <para><emphasis>GENERAL INFORMATION</emphasis></para> + + <para> + The <command>tdbbackup</command> utility should be run as soon as samba has shut down. + Do NOT run this command on a live database. Typical usage for the command will be: + </para> + + <para>tdbbackup [-s suffix] *.tdb</para> + + <para> + Before restarting samba the following command may be run to validate .tdb files: + </para> + + <para>tdbbackup -v [-s suffix] *.tdb</para> + + <para> + Samba .tdb files are stored in various locations, be sure to run backup all + .tdb file on the system. Imporatant files includes: + </para> + + <itemizedlist> + <listitem><para> + <command>secrets.tdb</command> - usual location is in the /usr/local/samba/private + directory, or on some systems in /etc/samba. + </para></listitem> + + <listitem><para> + <command>passdb.tdb</command> - usual location is in the /usr/local/samba/private + directory, or on some systems in /etc/samba. + </para></listitem> + + <listitem><para> + <command>*.tdb</command> located in the /usr/local/samba/var directory or on some + systems in the /var/cache or /var/lib/samba directories. + </para></listitem> + </itemizedlist> + +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para> + The original Samba software and related utilities were created by Andrew Tridgell. + Samba is now developed by the Samba Team as an Open Source project similar to the way + the Linux kernel is developed. + </para> + + <para>The tdbbackup man page was written by John H Terpstra.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/tdbdump.8.xml b/docs/manpages/tdbdump.8.xml new file mode 100644 index 0000000000..c31bef480b --- /dev/null +++ b/docs/manpages/tdbdump.8.xml @@ -0,0 +1,61 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="tdbdump.8"> + +<refmeta> + <refentrytitle>tdbdump</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>tdbdump</refname> + <refpurpose>tool for printing the contents of a TDB file</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>tdbdump</command> + <arg choice="req">filename</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> suite.</para> + + <para><command>tdbdump</command> is a very simple utility that 'dumps' the + contents of a TDB (Trivial DataBase) file to standard output in a + human-readable format. + </para> + + <para>This tool can be used when debugging problems with TDB files. It is + intended for those who are somewhat familiar with Samba internals. + </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para> + The original Samba software and related utilities were created by Andrew Tridgell. + Samba is now developed by the Samba Team as an Open Source project similar to the way + the Linux kernel is developed. + </para> + + <para>The tdbdump man page was written by Jelmer Vernooij.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/testparm.1.xml b/docs/manpages/testparm.1.xml new file mode 100644 index 0000000000..84ead17234 --- /dev/null +++ b/docs/manpages/testparm.1.xml @@ -0,0 +1,191 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="testparm.1"> + +<refmeta> + <refentrytitle>testparm</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>testparm</refname> + <refpurpose>check an smb.conf configuration file for + internal correctness</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>testparm</command> + <arg choice="opt">-s</arg> + <arg choice="opt">-h</arg> + <arg choice="opt">-v</arg> + <arg choice="opt">-L <servername></arg> + <arg choice="opt">-t <encoding></arg> + <arg choice="req">config filename</arg> + <arg choice="opt">hostname hostIP</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>testparm</command> is a very simple test program + to check an <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> configuration file for + internal correctness. If this program reports no problems, you + can use the configuration file with confidence that <command>smbd + </command> will successfully load the configuration file.</para> + + + <para>Note that this is <emphasis>NOT</emphasis> a guarantee that + the services specified in the configuration file will be + available or will operate as expected. </para> + + <para>If the optional host name and host IP address are + specified on the command line, this test program will run through + the service entries reporting whether the specified host + has access to each service. </para> + + <para>If <command>testparm</command> finds an error in the <filename> + smb.conf</filename> file it returns an exit code of 1 to the calling + program, else it returns an exit code of 0. This allows shell scripts + to test the output from <command>testparm</command>.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-s</term> + <listitem><para>Without this option, <command>testparm</command> + will prompt for a carriage return after printing the service + names and before dumping the service definitions.</para></listitem> + </varlistentry> + + &stdarg.help; + &stdarg.version; + + <varlistentry> + <term>-L servername</term> + <listitem><para>Sets the value of the %L macro to <replaceable>servername</replaceable>. + This is useful for testing include files specified with the + %L macro. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-v</term> + <listitem><para>If this option is specified, testparm + will also output all options that were not used in <citerefentry> + <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry> and are thus set to their defaults.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-t encoding</term> + <listitem><para> + Output data in specified encoding. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>configfilename</term> + <listitem><para>This is the name of the configuration file + to check. If this parameter is not present then the + default <citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry> file will be checked. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>hostname</term> + <listitem><para>If this parameter and the following are + specified, then <command>testparm</command> will examine the <parameter>hosts + allow</parameter> and <parameter>hosts deny</parameter> + parameters in the <citerefentry> + <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry> file to + determine if the hostname with this IP address would be + allowed access to the <command>smbd</command> server. If + this parameter is supplied, the hostIP parameter must also + be supplied.</para></listitem> + </varlistentry> + + + <varlistentry> + <term>hostIP</term> + <listitem><para>This is the IP address of the host specified + in the previous parameter. This address must be supplied + if the hostname parameter is supplied. </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>FILES</title> + + <variablelist> + <varlistentry> + <term><citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry></term> + <listitem><para>This is usually the name of the configuration + file used by <citerefentry><refentrytitle>smbd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>. + </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>DIAGNOSTICS</title> + + <para>The program will issue a message saying whether the + configuration file loaded OK or not. This message may be preceded by + errors and warnings if the file did not load. If the file was + loaded OK, the program then dumps all known service details + to stdout. </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, <citerefentry> + <refentrytitle>smbd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink noescape="1" url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/testprns.1.xml b/docs/manpages/testprns.1.xml new file mode 100644 index 0000000000..50584f5a18 --- /dev/null +++ b/docs/manpages/testprns.1.xml @@ -0,0 +1,148 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="testprns.1"> + +<refmeta> + <refentrytitle>testprns</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>testprns</refname> + <refpurpose>check printer name for validity with smbd</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>testprns</command> + <arg choice="req">printername</arg> + <arg choice="opt">printcapname</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>testprns</command> is a very simple test program + to determine whether a given printer name is valid for use in + a service to be provided by <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>.</para> + + <para>"Valid" in this context means "can be found in the + printcap specified". This program is very stupid - so stupid in + fact that it would be wisest to always specify the printcap file + to use. </para> + +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>printername</term> + <listitem><para>The printer name to validate.</para> + + <para>Printer names are taken from the first field in each + record in the printcap file, single printer names and sets + of aliases separated by vertical bars ("|") are recognized. + Note that no validation or checking of the printcap syntax is + done beyond that required to extract the printer name. It may + be that the print spooling system is more forgiving or less + forgiving than <command>testprns</command>. However, if + <command>testprns</command> finds the printer then <citerefentry> + <refentrytitle>smbd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> should do so as well. </para></listitem> + </varlistentry> + + <varlistentry> + <term>printcapname</term> + <listitem><para>This is the name of the printcap file within + which to search for the given printer name. </para> + + <para>If no printcap name is specified <command>testprns + </command> will attempt to scan the printcap file name + specified at compile time. </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>FILES</title> + + <variablelist> + <varlistentry> + <term><filename>/etc/printcap</filename></term> + <listitem><para>This is usually the default printcap + file to scan. See <filename>printcap (5)</filename>. + </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>DIAGNOSTICS</title> + + <para>If a printer is found to be valid, the message + "Printer name <printername> is valid" will be + displayed. </para> + + <para>If a printer is found to be invalid, the message + "Printer name <printername> is not valid" will be + displayed. </para> + + <para>All messages that would normally be logged during + operation of the Samba daemons are logged by this program to the + file <filename>test.log</filename> in the current directory. The + program runs at debuglevel 3, so quite extensive logging + information is written. The log should be checked carefully + for errors and warnings. </para> + + <para>Other messages are self-explanatory. </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><filename>printcap(5)</filename>, + <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbclient</refentrytitle> + <manvolnum>1</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at <ulink noescape="1" url="ftp://ftp.icce.rug.nl/pub/unix/"> + ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 + for Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> + diff --git a/docs/manpages/vfstest.1.xml b/docs/manpages/vfstest.1.xml new file mode 100644 index 0000000000..7b68963fba --- /dev/null +++ b/docs/manpages/vfstest.1.xml @@ -0,0 +1,152 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="vfstest.1"> + +<refmeta> + <refentrytitle>vfstest</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>vfstest</refname> + <refpurpose>tool for testing samba VFS modules </refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>vfstest</command> + <arg choice="opt">-d debuglevel</arg> + <arg choice="opt">-c command</arg> + <arg choice="opt">-l logdir</arg> + <arg choice="opt">-h</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>vfstest</command> is a small command line + utility that has the ability to test dso samba VFS modules. It gives the + user the ability to call the various VFS functions manually and + supports cascaded VFS modules. + </para> +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + + <varlistentry> + <term>-c|--command=command</term> + <listitem><para>Execute the specified (colon-separated) commands. + See below for the commands that are available. + </para> </listitem> + </varlistentry> + + &stdarg.help; + + <varlistentry> + <term>-l|--logfile=logbasename</term> + <listitem><para>File name for log/debug files. The extension + <constant>'.client'</constant> will be appended. The log file is never removed + by the client. + </para></listitem> + </varlistentry> + + &popt.common.samba; + + </variablelist> +</refsect1> + + +<refsect1> + <title>COMMANDS</title> + + <para><emphasis>VFS COMMANDS</emphasis></para> + <itemizedlist> + <listitem><para><command>load <module.so></command> - Load specified VFS module </para></listitem> + + <listitem><para><command>populate <char> <size></command> - Populate a data buffer with the specified data + </para></listitem> + + <listitem><para><command>showdata [<offset> <len>]</command> - Show data currently in data buffer + </para></listitem> + + <listitem><para><command>connect</command> - VFS connect()</para></listitem> + <listitem><para><command>disconnect</command> - VFS disconnect()</para></listitem> + <listitem><para><command>disk_free</command> - VFS disk_free()</para></listitem> + <listitem><para><command>opendir</command> - VFS opendir()</para></listitem> + <listitem><para><command>readdir</command> - VFS readdir()</para></listitem> + <listitem><para><command>mkdir</command> - VFS mkdir()</para></listitem> + <listitem><para><command>rmdir</command> - VFS rmdir()</para></listitem> + <listitem><para><command>closedir</command> - VFS closedir()</para></listitem> + <listitem><para><command>open</command> - VFS open()</para></listitem> + <listitem><para><command>close</command> - VFS close()</para></listitem> + <listitem><para><command>read</command> - VFS read()</para></listitem> + <listitem><para><command>write</command> - VFS write()</para></listitem> + <listitem><para><command>lseek</command> - VFS lseek()</para></listitem> + <listitem><para><command>rename</command> - VFS rename()</para></listitem> + <listitem><para><command>fsync</command> - VFS fsync()</para></listitem> + <listitem><para><command>stat</command> - VFS stat()</para></listitem> + <listitem><para><command>fstat</command> - VFS fstat()</para></listitem> + <listitem><para><command>lstat</command> - VFS lstat()</para></listitem> + <listitem><para><command>unlink</command> - VFS unlink()</para></listitem> + <listitem><para><command>chmod</command> - VFS chmod()</para></listitem> + <listitem><para><command>fchmod</command> - VFS fchmod()</para></listitem> + <listitem><para><command>chown</command> - VFS chown()</para></listitem> + <listitem><para><command>fchown</command> - VFS fchown()</para></listitem> + <listitem><para><command>chdir</command> - VFS chdir()</para></listitem> + <listitem><para><command>getwd</command> - VFS getwd()</para></listitem> + <listitem><para><command>utime</command> - VFS utime()</para></listitem> + <listitem><para><command>ftruncate</command> - VFS ftruncate()</para></listitem> + <listitem><para><command>lock</command> - VFS lock()</para></listitem> + <listitem><para><command>symlink</command> - VFS symlink()</para></listitem> + <listitem><para><command>readlink</command> - VFS readlink()</para></listitem> + <listitem><para><command>link</command> - VFS link()</para></listitem> + <listitem><para><command>mknod</command> - VFS mknod()</para></listitem> + <listitem><para><command>realpath</command> - VFS realpath()</para></listitem> + </itemizedlist> + + <para><emphasis>GENERAL COMMANDS</emphasis></para> + <itemizedlist> + <listitem><para><command>conf <smb.conf></command> - Load a different configuration file</para></listitem> + + <listitem><para><command>help [<command>]</command> - Get list of commands or info about specified command</para></listitem> + + <listitem><para><command>debuglevel <level></command> - Set debug level</para></listitem> + + <listitem><para><command>freemem</command> - Free memory currently in use</para></listitem> + + <listitem><para><command>exit</command> - Exit vfstest</para></listitem> + </itemizedlist> + +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of the Samba + suite.</para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para>The vfstest man page was written by Jelmer Vernooij.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/wbinfo.1.xml b/docs/manpages/wbinfo.1.xml new file mode 100644 index 0000000000..728e4f166a --- /dev/null +++ b/docs/manpages/wbinfo.1.xml @@ -0,0 +1,325 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="wbinfo.1"> + +<refmeta> + <refentrytitle>wbinfo</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>wbinfo</refname> + <refpurpose>Query information from winbind daemon</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>wbinfo</command> + <arg choice="opt">-a user%password</arg> + <arg choice="opt">-c username</arg> + <arg choice="opt">-C groupname</arg> + <arg choice="opt">--domain domain</arg> + <arg choice="opt">-I ip</arg> + <arg choice="opt">-s sid</arg> + <arg choice="opt">-u</arg> + <arg choice="opt">-U uid</arg> + <arg choice="opt">-g</arg> + <arg choice="opt">--get-auth-user</arg> + <arg choice="opt">-G gid</arg> + <arg choice="opt">-m</arg> + <arg choice="opt">-n name</arg> + <arg choice="opt">-N netbios-name</arg> + <arg choice="opt">-o user:group</arg> + <arg choice="opt">-O user:group</arg> + <arg choice="opt">-p</arg> + <arg choice="opt">-r user</arg> + <arg choice="opt">--set-auth-user user%password</arg> + <arg choice="opt">--sequence</arg> + <arg choice="opt">-S sid</arg> + <arg choice="opt">-t</arg> + <arg choice="opt">-x username</arg> + <arg choice="opt">-X groupname</arg> + <arg choice="opt">-Y sid</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This tool is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The <command>wbinfo</command> program queries and returns information + created and used by the <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> daemon. </para> + + <para>The <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> daemon must be configured + and running for the <command>wbinfo</command> program to be able + to return information.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-a username%password</term> + <listitem><para>Attempt to authenticate a user via winbindd. + This checks both authenticaion methods and reports its results. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-c user</term> + <listitem><para>Create a local winbind user. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-C group</term> + <listitem><para>Create a local winbindd group. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--domain name</term> + <listitem><para>This parameter sets the domain on which any specified + operations will performed. If special domain name '.' is used to represent + the current domain to which winbindd belongs. Currently only the + <option>--sequence</option>, + <option>-u</option>, and <option>-g</option> options honor this parameter. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-g</term> + <listitem><para>This option will list all groups available + in the Windows NT domain for which the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> daemon is operating in. Groups in all trusted domains + will also be listed. Note that this operation does not assign + group ids to any groups that have not already been + seen by <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>. </para></listitem> + </varlistentry> + + <varlistentry> + <term>--get-auth-user</term> + <listitem><para>Print username and password used by winbindd + during session setup to a domain controller. Username + and password can be set using '-A'. Only available for + root.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-G gid</term> + <listitem><para>Try to convert a UNIX group id to a Windows + NT SID. If the gid specified does not refer to one within + the idmap gid range then the operation will fail. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-I ip</term> + <listitem><para>The <parameter>-I</parameter> option + queries <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> to send a node status + request to get the NetBIOS name associated with the IP address + specified by the <parameter>ip</parameter> parameter. + </para></listitem> + </varlistentry> + + + <varlistentry> + <term>-m</term> + <listitem><para>Produce a list of domains trusted by the + Windows NT server <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> contacts + when resolving names. This list does not include the Windows + NT domain the server is a Primary Domain Controller for. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-n name</term> + <listitem><para>The <parameter>-n</parameter> option + queries <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> for the SID + associated with the name specified. Domain names can be specified + before the user name by using the winbind separator character. + For example CWDOM1/Administrator refers to the Administrator + user in the domain CWDOM1. If no domain is specified then the + domain used is the one specified in the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> <parameter>workgroup + </parameter> parameter. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-N name</term> + <listitem><para>The <parameter>-N</parameter> option + queries <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> to query the WINS + server for the IP address associated with the NetBIOS name + specified by the <parameter>name</parameter> parameter. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-o user:group</term> + <listitem><para>Add a winbindd local group as a secondary group + for the specified winbindd local user. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-O user:group</term> + <listitem><para>Remove a winbindd local group as a secondary group + for the specified winbindd local user. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-p</term> + <listitem><para>Check whether winbindd is still alive. + Prints out either 'succeeded' or 'failed'. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-r username</term> + <listitem><para>Try to obtain the list of UNIX group ids + to which the user belongs. This only works for users + defined on a Domain Controller. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-s sid</term> + <listitem><para>Use <parameter>-s</parameter> to resolve + a SID to a name. This is the inverse of the <parameter>-n + </parameter> option above. SIDs must be specified as ASCII strings + in the traditional Microsoft format. For example, + S-1-5-21-1455342024-3071081365-2475485837-500. </para></listitem> + </varlistentry> + + <varlistentry> + <term>--set-auth-user username%password</term> + <listitem><para>Store username and password used by winbindd + during session setup to a domain controller. This enables + winbindd to operate in a Windows 2000 domain with Restrict + Anonymous turned on (a.k.a. Permissions compatiable with + Windows 2000 servers only). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>--sequence</term> + <listitem><para>Show sequence numbers of + all known domains</para></listitem> + </varlistentry> + + <varlistentry> + <term>-S sid</term> + <listitem><para>Convert a SID to a UNIX user id. If the SID + does not correspond to a UNIX user mapped by <citerefentry> + <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> then the operation will fail. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-t</term> + <listitem><para>Verify that the workstation trust account + created when the Samba server is added to the Windows NT + domain is working. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-u</term> + <listitem><para>This option will list all users available + in the Windows NT domain for which the <citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> daemon is operating in. Users in all trusted domains + will also be listed. Note that this operation does not assign + user ids to any users that have not already been seen by <citerefentry> + <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum></citerefentry> + .</para></listitem> + </varlistentry> + + <varlistentry> + <term>-U uid</term> + <listitem><para>Try to convert a UNIX user id to a Windows NT + SID. If the uid specified does not refer to one within + the idmap uid range then the operation will fail. </para></listitem> + </varlistentry> + + <varlistentry> + <term>-x user</term> + <listitem><para>Delete an existing local winbind user. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-X group</term> + <listitem><para>Delete an existing local winbindd group. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-Y sid</term> + <listitem><para>Convert a SID to a UNIX group id. If the SID + does not correspond to a UNIX group mapped by <citerefentry> + <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum></citerefentry> then + the operation will fail. </para></listitem> + </varlistentry> + + + &stdarg.version; + &stdarg.help; + + </variablelist> +</refsect1> + + +<refsect1> + <title>EXIT STATUS</title> + + <para>The wbinfo program returns 0 if the operation + succeeded, or 1 if the operation failed. If the <citerefentry> + <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> daemon is not working <command>wbinfo</command> will always return + failure. </para> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + <para><citerefentry><refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para><command>wbinfo</command> and <command>winbindd</command> + were written by Tim Potter.</para> + + <para>The conversion to DocBook for Samba 2.2 was done + by Gerald Carter. The conversion to DocBook XML 4.2 for Samba + 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> diff --git a/docs/manpages/winbindd.8.xml b/docs/manpages/winbindd.8.xml new file mode 100644 index 0000000000..0986b10119 --- /dev/null +++ b/docs/manpages/winbindd.8.xml @@ -0,0 +1,464 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ + +<!ENTITY % globalentities SYSTEM '../global.ent'> %globalentities; +]> +<refentry id="winbindd.8"> + +<refmeta> + <refentrytitle>winbindd</refentrytitle> + <manvolnum>8</manvolnum> +</refmeta> + + +<refnamediv> + <refname>winbindd</refname> + <refpurpose>Name Service Switch daemon for resolving names + from NT servers</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>winbindd</command> + <arg choice="opt">-F</arg> + <arg choice="opt">-S</arg> + <arg choice="opt">-i</arg> + <arg choice="opt">-Y</arg> + <arg choice="opt">-d <debug level></arg> + <arg choice="opt">-s <smb config file></arg> + <arg choice="opt">-n</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This program is part of the <citerefentry><refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para><command>winbindd</command> is a daemon that provides + a service for the Name Service Switch capability that is present + in most modern C libraries. The Name Service Switch allows user + and system information to be obtained from different databases + services such as NIS or DNS. The exact behaviour can be configured + throught the <filename>/etc/nsswitch.conf</filename> file. + Users and groups are allocated as they are resolved to a range + of user and group ids specified by the administrator of the + Samba system.</para> + + <para>The service provided by <command>winbindd</command> is called `winbind' and + can be used to resolve user and group information from a + Windows NT server. The service can also provide authentication + services via an associated PAM module. </para> + + <para> + The <filename>pam_winbind</filename> module in the 2.2.2 release only + supports the <parameter>auth</parameter> and <parameter>account</parameter> + module-types. The latter simply + performs a getpwnam() to verify that the system can obtain a uid for the + user. If the <filename>libnss_winbind</filename> library has been correctly + installed, this should always succeed. + </para> + + <para>The following nsswitch databases are implemented by + the winbindd service: </para> + + <variablelist> + <varlistentry> + <term>hosts</term> + <listitem><para>This feature is only available on IRIX. + User information traditionally stored in + the <filename>hosts(5)</filename> file and used by + <command>gethostbyname(3)</command> functions. Names are + resolved through the WINS server or by broadcast. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>passwd</term> + <listitem><para>User information traditionally stored in + the <filename>passwd(5)</filename> file and used by + <command>getpwent(3)</command> functions. </para></listitem> + </varlistentry> + + <varlistentry> + <term>group</term> + <listitem><para>Group information traditionally stored in + the <filename>group(5)</filename> file and used by + <command>getgrent(3)</command> functions. </para></listitem> + </varlistentry> + </variablelist> + + <para>For example, the following simple configuration in the + <filename>/etc/nsswitch.conf</filename> file can be used to initially + resolve user and group information from <filename>/etc/passwd + </filename> and <filename>/etc/group</filename> and then from the + Windows NT server. +<programlisting> +passwd: files winbind +group: files winbind +## only available on IRIX; Linux users should us libnss_wins.so +hosts: files dns winbind +</programlisting></para> + + <para>The following simple configuration in the + <filename>/etc/nsswitch.conf</filename> file can be used to initially + resolve hostnames from <filename>/etc/hosts</filename> and then from the + WINS server.</para> +<programlisting> +hosts: files wins +</programlisting> + +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-F</term> + <listitem><para>If specified, this parameter causes + the main <command>winbindd</command> process to not daemonize, + i.e. double-fork and disassociate with the terminal. + Child processes are still created as normal to service + each connection request, but the main process does not + exit. This operation mode is suitable for running + <command>winbindd</command> under process supervisors such + as <command>supervise</command> and <command>svscan</command> + from Daniel J. Bernstein's <command>daemontools</command> + package, or the AIX process monitor. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-S</term> + <listitem><para>If specified, this parameter causes + <command>winbindd</command> to log to standard output rather + than a file.</para></listitem> + </varlistentry> + + &popt.common.samba; + &stdarg.help; + + <varlistentry> + <term>-i</term> + <listitem><para>Tells <command>winbindd</command> to not + become a daemon and detach from the current terminal. This + option is used by developers when interactive debugging + of <command>winbindd</command> is required. + <command>winbindd</command> also logs to standard output, + as if the <command>-S</command> parameter had been given. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-n</term> + <listitem><para>Disable caching. This means winbindd will + always have to wait for a response from the domain controller + before it can respond to a client and this thus makes things + slower. The results will however be more accurate, since + results from the cache might not be up-to-date. This + might also temporarily hang winbindd if the DC doesn't respond. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-Y</term> + <listitem><para>Single daemon mode. This means winbindd will run + as a single process (the mode of operation in Samba 2.2). Winbindd's + default behavior is to launch a child process that is responsible for + updating expired cache entries. + </para></listitem> + </varlistentry> + + </variablelist> +</refsect1> + + +<refsect1> + <title>NAME AND ID RESOLUTION</title> + + <para>Users and groups on a Windows NT server are assigned + a relative id (rid) which is unique for the domain when the + user or group is created. To convert the Windows NT user or group + into a unix user or group, a mapping between rids and unix user + and group ids is required. This is one of the jobs that <command> + winbindd</command> performs. </para> + + <para>As winbindd users and groups are resolved from a server, user + and group ids are allocated from a specified range. This + is done on a first come, first served basis, although all existing + users and groups will be mapped as soon as a client performs a user + or group enumeration command. The allocated unix ids are stored + in a database file under the Samba lock directory and will be + remembered. </para> + + <para>WARNING: The rid to unix id database is the only location + where the user and group mappings are stored by winbindd. If this + file is deleted or corrupted, there is no way for winbindd to + determine which user and group ids correspond to Windows NT user + and group rids. </para> +</refsect1> + + +<refsect1> + <title>CONFIGURATION</title> + + <para>Configuration of the <command>winbindd</command> daemon + is done through configuration parameters in the <citerefentry> + <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry> file. All parameters should be specified in the + [global] section of smb.conf. </para> + + <itemizedlist> + <listitem><para> + <smbconfoption><name>winbind separator</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>idmap uid</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>idmap gid</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>winbind cache time</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>winbind enum users</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>winbind enum groups</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>template homedir</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>template shell</name></smbconfoption></para></listitem> + <listitem><para> + <smbconfoption><name>winbind use default domain</name></smbconfoption></para></listitem> + </itemizedlist> +</refsect1> + + +<refsect1> + <title>EXAMPLE SETUP</title> + + <para>To setup winbindd for user and group lookups plus + authentication from a domain controller use something like the + following setup. This was tested on a RedHat 6.2 Linux box. </para> + + <para>In <filename>/etc/nsswitch.conf</filename> put the + following: +<programlisting> +passwd: files winbind +group: files winbind +</programlisting></para> + + <para>In <filename>/etc/pam.d/*</filename> replace the <parameter> + auth</parameter> lines with something like this: +<programlisting> +auth required /lib/security/pam_securetty.so +auth required /lib/security/pam_nologin.so +auth sufficient /lib/security/pam_winbind.so +auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok +</programlisting></para> + + + <para>Note in particular the use of the <parameter>sufficient + </parameter> keyword and the <parameter>use_first_pass</parameter> keyword. </para> + + <para>Now replace the account lines with this: </para> + + <para><command>account required /lib/security/pam_winbind.so + </command></para> + + <para>The next step is to join the domain. To do that use the + <command>net</command> program like this: </para> + + <para><command>net join -S PDC -U Administrator</command></para> + + <para>The username after the <parameter>-U</parameter> can be any + Domain user that has administrator privileges on the machine. + Substitute the name or IP of your PDC for "PDC".</para> + + <para>Next copy <filename>libnss_winbind.so</filename> to + <filename>/lib</filename> and <filename>pam_winbind.so + </filename> to <filename>/lib/security</filename>. A symbolic link needs to be + made from <filename>/lib/libnss_winbind.so</filename> to + <filename>/lib/libnss_winbind.so.2</filename>. If you are using an + older version of glibc then the target of the link should be + <filename>/lib/libnss_winbind.so.1</filename>.</para> + + <para>Finally, setup a <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> containing directives like the + following: +<programlisting> +[global] + winbind separator = + + winbind cache time = 10 + template shell = /bin/bash + template homedir = /home/%D/%U + idmap uid = 10000-20000 + idmap gid = 10000-20000 + workgroup = DOMAIN + security = domain + password server = * +</programlisting></para> + + + <para>Now start winbindd and you should find that your user and + group database is expanded to include your NT users and groups, + and that you can login to your unix box as a domain user, using + the DOMAIN+user syntax for the username. You may wish to use the + commands <command>getent passwd</command> and <command>getent group + </command> to confirm the correct operation of winbindd.</para> +</refsect1> + + +<refsect1> + <title>NOTES</title> + + <para>The following notes are useful when configuring and + running <command>winbindd</command>: </para> + + <para><citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> must be running on the local machine + for <command>winbindd</command> to work. <command>winbindd</command> queries + the list of trusted domains for the Windows NT server + on startup and when a SIGHUP is received. Thus, for a running <command> + winbindd</command> to become aware of new trust relationships between + servers, it must be sent a SIGHUP signal. </para> + + <para>PAM is really easy to misconfigure. Make sure you know what + you are doing when modifying PAM configuration files. It is possible + to set up PAM such that you can no longer log into your system. </para> + + <para>If more than one UNIX machine is running <command>winbindd</command>, + then in general the user and groups ids allocated by winbindd will not + be the same. The user and group ids will only be valid for the local + machine.</para> + + <para>If the the Windows NT RID to UNIX user and group id mapping + file is damaged or destroyed then the mappings will be lost. </para> +</refsect1> + + +<refsect1> + <title>SIGNALS</title> + + <para>The following signals can be used to manipulate the + <command>winbindd</command> daemon. </para> + + <variablelist> + <varlistentry> + <term>SIGHUP</term> + <listitem><para>Reload the <citerefentry><refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> file and + apply any parameter changes to the running + version of winbindd. This signal also clears any cached + user and group information. The list of other domains trusted + by winbindd is also reloaded. </para></listitem> + </varlistentry> + + <varlistentry> + <term>SIGUSR2</term> + <listitem><para>The SIGUSR2 signal will cause <command> + winbindd</command> to write status information to the winbind + log file including information about the number of user and + group ids allocated by <command>winbindd</command>.</para> + + <para>Log files are stored in the filename specified by the + log file parameter.</para></listitem> + </varlistentry> + </variablelist> +</refsect1> + +<refsect1> + <title>FILES</title> + + <variablelist> + <varlistentry> + <term><filename>/etc/nsswitch.conf(5)</filename></term> + <listitem><para>Name service switch configuration file.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>/tmp/.winbindd/pipe</term> + <listitem><para>The UNIX pipe over which clients communicate with + the <command>winbindd</command> program. For security reasons, the + winbind client will only attempt to connect to the winbindd daemon + if both the <filename>/tmp/.winbindd</filename> directory + and <filename>/tmp/.winbindd/pipe</filename> file are owned by + root. </para></listitem> + </varlistentry> + + <varlistentry> + <term>$LOCKDIR/winbindd_privilaged/pipe</term> + <listitem><para>The UNIX pipe over which 'privilaged' clients + communicate with the <command>winbindd</command> program. For security + reasons, access to some winbindd functions - like those needed by + the <command>ntlm_auth</command> utility - is restricted. By default, + only users in the 'root' group will get this access, however the administrator + may change the group permissions on $LOCKDIR/winbindd_privilaged to allow + programs like 'squid' to use ntlm_auth. + Note that the winbind client will only attempt to connect to the winbindd daemon + if both the <filename>$LOCKDIR/winbindd_privilaged</filename> directory + and <filename>$LOCKDIR/winbindd_privilaged/pipe</filename> file are owned by + root. </para></listitem> + </varlistentry> + + <varlistentry> + <term>/lib/libnss_winbind.so.X</term> + <listitem><para>Implementation of name service switch library. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>$LOCKDIR/winbindd_idmap.tdb</term> + <listitem><para>Storage for the Windows NT rid to UNIX user/group + id mapping. The lock directory is specified when Samba is initially + compiled using the <parameter>--with-lockdir</parameter> option. + This directory is by default <filename>/usr/local/samba/var/locks + </filename>. </para></listitem> + </varlistentry> + + <varlistentry> + <term>$LOCKDIR/winbindd_cache.tdb</term> + <listitem><para>Storage for cached user and group information. + </para></listitem> + </varlistentry> + </variablelist> +</refsect1> + + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 3.0 of + the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + + <para><filename>nsswitch.conf(5)</filename>, <citerefentry> + <refentrytitle>Samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry>, <citerefentry> + <refentrytitle>wbinfo</refentrytitle> + <manvolnum>8</manvolnum></citerefentry>, <citerefentry> + <refentrytitle>smb.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry></para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> + + <para><command>wbinfo</command> and <command>winbindd</command> were + written by Tim Potter.</para> + + <para>The conversion to DocBook for Samba 2.2 was done + by Gerald Carter. The conversion to DocBook XML 4.2 for + Samba 3.0 was done by Alexander Bokovoy.</para> +</refsect1> + +</refentry> |