summaryrefslogtreecommitdiff
path: root/docs/textdocs/rpcclient.1.txt
diff options
context:
space:
mode:
Diffstat (limited to 'docs/textdocs/rpcclient.1.txt')
-rw-r--r--docs/textdocs/rpcclient.1.txt685
1 files changed, 685 insertions, 0 deletions
diff --git a/docs/textdocs/rpcclient.1.txt b/docs/textdocs/rpcclient.1.txt
new file mode 100644
index 0000000000..78aaca02bc
--- /dev/null
+++ b/docs/textdocs/rpcclient.1.txt
@@ -0,0 +1,685 @@
+
+TITLE INFORMATION: rpcclient (1)
+AUTHOR INFORMATION: Samba SAMBA
+DATE INFORMATION: 23 Oct 1998
+
+NAME
+rpcclient - utility to manage MSRPC resources on servers
+
+SYNOPSIS
+
+rpcclient
+[password]
+-S servername
+[-U [username][%][password]]
+[-W domain]
+[-l log basename]
+[-d debuglevel]
+[-O socket options]
+[-i scope]
+[-N]
+[-n NetBIOS name]
+[-h]
+[-I dest IP]
+[-E]
+[-t terminal code]
+[-c command string]
+[-B IP addr]
+[-s smb.conf]
+[-m max protocol]
+
+DESCRIPTION
+
+This program is part of the Samba suite.
+
+rpcclient is a client that can 'talk' to an SMB/CIFS MSRPC server.
+Operations include things like managing a SAM Database (users, groups
+and aliases) in the same way as the Windows NT programs
+User Manager for Domains and Server Manager for Domains;
+managing a remote registry in the same way as the Windows NT programs
+REGEDT32.EXE and REGEDIT.EXE; viewing a remote event log (same
+as EVENTVWR.EXE) etc.
+
+Typical usage is like this:
+
+rpcclient -I 192.168.32.1 -S "*SMBSERVER" -U fred%secret -l log
+
+OPTIONS
+
+o servername servername is the name of the server you want
+to use on the server. This should be the NetBIOS name of the SMB/CIFS
+server, which can be *SMBSERVER on Windows NT 4.0 or Samba Servers.
+
+Note that the server name required is NOT necessarily the IP (DNS)
+host name of the server! The name required is a NetBIOS server name,
+which may or may not be the same as the IP hostname of the machine
+running the server. Also, remember that having a period in a NetBIOS
+name (such as an IP hostname) may cause connectivity problems on your
+network: NT tends to strip NetBIOS names from the leading period
+onwards.
+
+The server name is looked up according to either the
+-R parameter to rpcclient or using the
+name resolve order
+parameter in the smb.conf file, allowing an administrator to change
+the order and methods by which server names are looked up.
+
+o password password is the password required to access the
+specified service on the specified server. If this parameter is
+supplied, the -N option (suppress password prompt) is assumed.
+
+There is no default password. If no password is supplied on the
+command line (either by using this parameter or adding a password to
+the -U option (see below)) and the -N option is not specified,
+the client will prompt for a password, even if the desired service
+does not require one. (If no password is required, simply press ENTER
+to provide a null password.)
+
+Note: Some servers (including OS/2 and Windows for Workgroups) insist
+on an uppercase password. Lowercase or mixed case passwords may be
+rejected by these servers.
+
+Be cautious about including passwords in scripts.
+
+o -s smb.conf This parameter specifies the pathname to the
+Samba configuration file, smb.conf. This file controls all aspects of
+the Samba setup on the machine and rpcclient also needs to read this
+file.
+
+o -B IP addr The IP address to use when sending a broadcast packet.
+
+o -O socket options TCP socket options to set on the client
+socket. See the socket options
+parameter in the smb.conf (5) manpage for
+the list of valid options.
+
+o -R name resolve order This option allows the user of
+rpcclient to determine what name resolution services to use when
+looking up the NetBIOS name of the host being connected to.
+
+The options are :"lmhosts", "host", "wins" and "bcast". They cause
+names to be resolved as follows :
+
+o lmhosts : Lookup an IP address in the Samba lmhosts file.
+The lmhosts file is stored in the same directory as the
+smb.conf file.
+
+o host : Do a standard host name to IP address resolution,
+using the system /etc/hosts, NIS, or DNS lookups. This method of name
+resolution is operating system depended for instance on IRIX or
+Solaris this may be controlled by the /etc/nsswitch.conf file).
+
+o wins : Query a name with the IP address listed in the wins
+server parameter in the smb.conf file. If
+no WINS server has been specified this method will be ignored.
+
+o bcast : Do a broadcast on each of the known local interfaces
+listed in the interfaces parameter
+in the smb.conf file. This is the least reliable of the name resolution
+methods as it depends on the target host being on a locally connected
+subnet. To specify a particular broadcast address the -B option
+may be used.
+
+If this parameter is not set then the name resolve order defined
+in the smb.conf file parameter
+(name resolve order)
+will be used.
+
+The default order is lmhosts, host, wins, bcast and without this
+parameter or any entry in the "name resolve
+order" parameter of the
+smb.conf file the name resolution methods
+will be attempted in this order.
+
+o -i scope This specifies a NetBIOS scope that rpcclient will use
+to communicate with when generating NetBIOS names. For details on the
+use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes
+are very rarely used, only set this parameter if you are the
+system administrator in charge of all the NetBIOS systems you
+communicate with.
+
+o -N If specified, this parameter suppresses the normal
+password prompt from the client to the user. This is useful when
+accessing a service that does not require a password.
+
+Unless a password is specified on the command line or this parameter
+is specified, the client will request a password.
+
+o -n NetBIOS name By default, the client will use the local
+machine's hostname (in uppercase) as its NetBIOS name. This parameter
+allows you to override the host name and use whatever NetBIOS name you
+wish.
+
+o -d debuglevel debuglevel is an integer from 0 to 10, or the
+letter 'A'.
+
+The default value if this parameter is not specified is zero.
+
+The higher this value, the more detail will be logged to the log files
+about the activities of the client. At level 0, only critical errors
+and serious warnings will be logged. Level 1 is a reasonable level for
+day to day running - it generates a small amount of information about
+operations carried out.
+
+Levels above 1 will generate considerable amounts of log data, and
+should only be used when investigating a problem. Levels above 3 are
+designed for use only by developers and generate HUGE amounts of log
+data, most of which is extremely cryptic. If debuglevel is set to the
+letter 'A', then all debug messages will be printed. This setting
+is for developers only (and people who really want to know how the
+code works internally).
+
+Note that specifying this parameter here will override the log
+level parameter in the smb.conf
+(5) file.
+
+o -p port This number is the TCP port number that will be used
+when making connections to the server. The standard (well-known) TCP
+port number for an SMB/CIFS server is 139, which is the default.
+
+o -l logfilename If specified, logfilename specifies a base
+filename into which operational data from the running client will be
+logged.
+
+The default base name is specified at compile time.
+
+The base name is used to generate actual log file names. For example,
+if the name specified was "log", the debug file would be
+log.client.
+
+The log file generated is never removed by the client.
+
+o -h Print the usage message for the client.
+
+o -I IP address IP address is the address of the server to
+connect to. It should be specified in standard "a.b.c.d" notation.
+
+Normally the client would attempt to locate a named SMB/CIFS server by
+looking it up via the NetBIOS name resolution mechanism described
+above in the name resolve order parameter
+above. Using this parameter will force the client to assume that the
+server is on the machine with the specified IP address and the NetBIOS
+name component of the resource being connected to will be ignored.
+
+There is no default for this parameter. If not supplied, it will be
+determined automatically by the client as described above.
+
+o -E This parameter causes the client to write messages to the
+standard error stream (stderr) rather than to the standard output
+stream.
+
+By default, the client writes messages to standard output - typically
+the user's tty.
+
+Note that by default, debug information is always sent to stderr.
+Debug information can instead be sent to a file, using the
+-l log basename option.
+
+o -U username This specifies the user name that will be used by
+the client to make a connection, assuming your server is not a downlevel
+server that is running a protocol level that uses passwords on shares,
+not on usernames.
+
+Some servers are fussy about the case of this name, and some insist
+that it must be a valid NetBIOS name.
+
+If no username is supplied, it will default to an uppercase version of
+the environment variable USER or LOGNAME in that order. If no
+username is supplied and neither environment variable exists the
+username "GUEST" will be used.
+
+If the USER environment variable contains a '%' character,
+everything after that will be treated as a password. This allows you
+to set the environment variable to be USER=username%password so
+that a password is not passed on the command line (where it may be
+seen by the ps command).
+
+If the service you are connecting to requires a password, it can be
+supplied using the -U option, by appending a percent symbol ("%")
+then the password to username. For example, to attach to a service as
+user "fred" with password "secret", you would specify.
+
+-U fred%secret
+
+on the command line. Note that there are no spaces around the percent
+symbol.
+
+If you specify the password as part of username then the -N option
+(suppress password prompt) is assumed.
+
+If you specify the password as a parameter AND as part of username
+then the password as part of username will take precedence. Putting
+nothing before or nothing after the percent symbol will cause an empty
+username or an empty password to be used, respectively.
+
+The password may also be specified by setting up an environment
+variable called PASSWORD that contains the users password. Note
+that this may be very insecure on some systems but on others allows
+users to script rpcclient commands without having a password appear in
+the command line of a process listing.
+
+Note: Some servers (including OS/2 and Windows for Workgroups) insist
+on an uppercase password. Lowercase or mixed case passwords may be
+rejected by these servers.
+
+Be cautious about including passwords in scripts or in the
+PASSWORD environment variable. Also, on many systems the command
+line of a running process may be seen via the ps command to be
+safe always allow rpcclient to prompt for a password and type it in
+directly.
+
+o -t terminal code This option tells rpcclient how to interpret
+filenames coming from the remote server. Usually Asian language
+multibyte UNIX implementations use different character sets than
+SMB/CIFS servers (EUC instead of SJIS for example). Setting
+this parameter will let rpcclient convert between the UNIX filenames
+and the SMB filenames correctly. This option has not been seriously
+tested and may have some problems.
+
+The terminal codes include sjis, euc, jis7, jis8,
+junet, hex, cap. This is not a complete list, check the
+Samba source code for the complete list.
+
+o -m max protocol level With the new code in Samba2.0,
+rpcclient always attempts to connect at the maximum
+protocols level the server supports. This parameter is
+preserved for backwards compatibility, but any string
+following the -m will be ignored.
+
+o -W Domain Override the default Domain, which is the remote server's
+Domain. This option may be needed to connect to some servers. It is also
+possible to specify the remote server name as the Domain, which will
+force the username and password to be authenticated against the remote
+server's local SAM instead of the Domain SAM.
+
+o -c command string command string is a semicolon separated
+list of commands to be executed instead of prompting from stdin.
+-N is implied by -c.
+
+This is particularly useful in scripts, e.g. -c 'lsaquery; enumusers -u'.
+
+OPERATIONS
+
+Once the client is running, the user is presented with a prompt :
+
+smb:\>
+
+The prompt indicates that the client is ready and waiting to carry out
+a user command. Each command is a single word, optionally followed by
+parameters specific to that command. Command and parameters are
+space-delimited unless these notes specifically state otherwise. All
+commands are case-insensitive. Parameters to commands may or may not
+be case sensitive, depending on the command.
+
+You can specify names (e.g registry keys; user or group names;
+service names) which have spaces in them by quoting the
+name with double quotes, for example "dRMON SmartAgent".
+
+Parameters shown in square brackets (e.g., "[parameter]") are
+optional. If not given, the command will use suitable
+defaults. Parameters shown in angle brackets (e.g., "<parameter>") are
+required.
+
+Note that all commands operating on the server are actually performed
+by issuing a request to the server. Thus the behavior may vary from
+server to server, depending on how the server was implemented.
+
+The commands available are listed in groups relating to different services:
+
+o Misccellaneous
+
+ o ? [command] If "command" is specified,
+ the ? command will display a brief informative message about the
+ specified command. If no command is specified, a list of available
+ commands will be displayed.
+
+ o ! [shell command] If "shell command"
+ is specified, the ! command will execute a shell locally and run
+ the specified shell command. If no command is specified, a local shell
+ will be run.
+
+ o exit Terminate the connection with the server and
+ exit from the program.
+
+ o help [command] See the ?
+ command above.
+
+ o quit See the exit command.
+
+o Event Log
+
+ o eventlog
+ list the events
+
+o Service Control
+
+ It is possible to use command-line completion (if you have
+ the GNU readline library) for Service names, by pressing the
+ tab key.
+
+ o svcenum
+ [-i] Lists Services Manager
+
+ o svcinfo
+ <service> Service Information
+
+ o svcstart
+ <service> [arg 0] [arg 1] ... Start Service
+
+ o svcstop
+ <service> Stop Service
+
+o Scheduler
+
+ o at
+ Scheduler control (at /? for syntax)
+
+o Registry
+
+ It is possible to use command-line completion (if you have
+ the GNU readline library) for registry key and value names,
+ by pressing the tab key.
+
+ o regenum
+ <keyname> Registry Enumeration (keys, values)
+
+ o regdeletekey
+ <keyname> Registry Key Delete
+
+ o regcreatekey
+ <keyname> [keyclass] Registry Key Create
+
+ o shutdown
+ [-m message] [-t timeout] [-r or --reboot] Server Shutdown
+
+ o regqueryval
+ <valname> Registry Value Query
+
+ o regquerykey
+ <keyname> Registry Key Query
+
+ o regdeleteval
+ <valname> Registry Value Delete
+
+ o regcreateval
+ <valname> <valtype> <value> Registry Key Create
+
+ o reggetsec
+ <keyname> Registry Key Security
+
+ o regtestsec
+ <keyname> Test Registry Key Security
+
+o Printing
+
+ It is possible to use command-line completion (if you have
+ the GNU readline library) for Printer and job names, by
+ pressing the tab key.
+
+ o spoolenum
+ Enumerate Printers
+
+ o spooljobs
+ <printer name> Enumerate Printer Jobs
+
+ o spoolopen
+ <printer name> Spool Printer Open Test
+
+o Server
+
+ o time
+ Display remote time
+
+ o brsinfo
+ Browser Query Info
+
+ o wksinfo
+ Workstation Query Info
+
+ o srvinfo
+ Server Query Info
+
+ o srvsessions
+ List sessions on a server
+
+ o srvshares
+ List shares on a server
+
+ o srvtransports
+ List transports on a server
+
+ o srvconnections
+ List connections on a server
+
+ o srvfiles
+ List files on a server
+
+o Local Security Authority
+
+ o lsaquery
+ Query Info Policy (domain member or server)
+
+ o lsaenumdomains
+ Enumerate Trusted Domains
+
+ o lookupsids
+ Resolve names from SIDs
+
+ o lookupnames
+ Resolve SIDs from names
+
+ o querysecret
+ LSA Query Secret (developer use)
+
+o NETLOGON
+
+ o ntlogin
+ [username] [password] NT Domain login test
+
+ o domtrust
+ <domain> NT Inter-Domain test
+
+ o samsync
+ SAM Synchronization Test (experimental)
+
+o SAM Database
+
+ It is possible to use command-line completion (if you have
+ the GNU readline library) for user, group, alias and domain
+ names, by pressing the tab key.
+
+ o lookupdomain
+ Obtain SID for a local domain
+
+ o enumusers
+ SAM User Database Query (experimental!)
+
+ o addgroupmem
+ <group rid> [user] [user] ... SAM Add Domain Group Member
+
+ o addaliasmem
+ <alias rid> [member sid1] [member sid2] ... SAM Add Domain Alias Member
+
+ o delgroupmem
+ <group rid> [user] [user] ... SAM Delete Domain Group Member
+
+ o delaliasmem
+ <alias rid> [member sid1] [member sid2] ... SAM Delete Domain Alias Member
+
+ o creategroup
+ SAM Create Domain Group
+
+ o createalias
+ SAM Create Domain Alias
+
+ o createuser
+ <username> SAM Create Domain User
+
+ o delgroup
+ SAM Delete Domain Group
+
+ o delalias
+ SAM Delete Domain Alias
+
+ o ntpass
+ NT SAM Password Change
+
+ o samuserset2
+ <username> [-s acb_bits] SAM User Set Info 2 (experimental!)
+
+ o samuserset
+ <username> [-p password] SAM User Set Info (experimental!)
+
+ o samuser
+ <username> SAM User Query (experimental!)
+
+ o samgroup
+ <groupname> SAM Group Query (experimental!)
+
+ o samalias
+ <aliasname> SAM Alias Query
+
+ o samaliasmem
+ <aliasname> SAM Alias Members
+
+ o samgroupmem
+ SAM Group Members
+
+ o samtest
+ SAM User Encrypted RPC test (experimental!)
+
+ o enumaliases
+ SAM Aliases Database Query (experimental!)
+
+ o enumdomains
+ SAM Domains Database Query (experimental!)
+
+ o enumgroups
+ SAM Group Database Query (experimental!)
+
+ o dominfo
+ SAM Query Domain Info
+
+ o dispinfo
+ SAM Query Display Info
+
+NOTES
+
+Some servers are fussy about the case of supplied usernames,
+passwords, share names (AKA service names) and machine names. If you
+fail to connect try giving all parameters in uppercase.
+
+It is often necessary to use the -n option when connecting
+to some types of servers. For example OS/2 LanManager insists on a valid
+NetBIOS name being used, so you need to supply a valid name that would
+be known to the server.
+
+rpcclient only works on servers that support MSRPC over SMB. This includes
+all versions of Windows NT, including the ports to Unix such as AS/U and
+AFPS. Support for MSRPC over SMB in other servers is currently rare and
+patchy, for example Samba 2.0 only supports a limited set of MSRPC commands,
+and some of those are not supported very well.
+
+ENVIRONMENT VARIABLES
+
+The variable USER may contain the username of the person using the
+client. This information is used only if the protocol level is high
+enough to support session-level passwords.
+
+The variable PASSWORD may contain the password of the person using
+the client. This information is used only if the protocol level is
+high enough to support session-level passwords.
+
+INSTALLATION
+
+The location of the client program is a matter for individual system
+administrators. The following are thus suggestions only.
+
+It is recommended that the rpcclient software be installed in the
+/usr/local/samba/bin or /usr/samba/bin directory, this directory
+readable by all, writeable only by root. The client program itself
+should be executable by all. The client should NOT be setuid or
+setgid!
+
+The client log files should be put in a directory readable and
+writeable only by the user.
+
+To test the client, you will need to know the name of a running
+SMB/CIFS server. It is possible to run smbd (8)
+an ordinary user - running that server as a daemon on a
+user-accessible port (typically any port number over 1024) would
+provide a suitable test server.
+
+DIAGNOSTICS
+
+Most diagnostics issued by the client are logged in a specified log
+file. The log file name is specified at compile time, but may be
+overridden on the command line.
+
+The number and nature of diagnostics available depends on the debug
+level used by the client. If you have problems, set the debug level to
+3 and peruse the log files.
+
+VERSION
+
+This man page is correct for version 2.0 of the Samba suite.
+
+BUGS
+
+o WARNING!
+The MSPRC over SMB code has been developed from examining Network traces.
+No documentation is available from the original creators (Microsoft) on
+how MSRPC over SMB works, or how the individual MSRPC services work.
+Microsoft's implementation of these services has been demonstrated (and
+reported) to be... a bit flakey in places.
+
+The development of Samba's implementation of these services is also
+a bit rough, and as more of the services are understood, it can even result
+in versions of smbd (8) and rpcclient that are
+incompatible for some commands or services. Additionally, the developers
+are sending reports to Microsoft, and problems found by or reported to
+Microsoft are fixed in Service Packs, which may also result in
+incompatibilities.
+
+It is therefore not guaranteed that the execution of an rpcclient command will
+work. It is also not guaranteed that the target server will continue to
+operate, i.e the execution of an MSRPC command may cause a remote service to
+fail, or even cause the remote server to fail. Usual rules apply, of course:
+the developers bear absolutely no responsibility for the use, misuse, or
+lack of use of rpcclient, by any person or persons, whether legal,
+illegal, accidental, deliberate, intentional, malicious, curious, etc.
+
+o Command Completion
+Command-completion (available if you have the GNU readline library) used on
+certain commands may not operate correctly if the word being completed (such as a registry key) contains a space. Typically, the name will be completed, but
+you will have to go back and put quotes round it, yourself.
+
+o SAM Database command-completion
+Command-completion (available if you have the GNU readline library) of user,
+group and alias names does not work on remote Domains, which would normally
+be specified like this:
+
+DOMAIN_name\\user_name.
+
+The only names that can be completed in this fashion are the local names
+in the SAM database of the target server.
+
+AUTHOR
+
+The original Samba software and related utilities were created by
+Andrew Tridgell samba-bugs@samba.org. Samba is now developed
+by the Samba Team as an Open Source project similar to the way the
+Linux kernel is developed.
+
+The original Samba man pages were written by Karl Auer. The man page
+sources were converted to YODL format (another excellent piece of Open
+Source software, available at
+ftp://ftp.icce.rug.nl/pub/unix/)
+and updated for the Samba2.0 release by Jeremy Allison. This man page
+was developed cut-and-paste style from the smbclient man page, by
+Luke Kenneth Casson Leighton.
+samba-bugs@samba.org.
+
+See samba (7) to find out how to get a full
+list of contributors and details on how to submit bug reports,
+comments etc.