From 8f8a9f01909ba29e2b781310baeeaaddc3f15f0d Mon Sep 17 00:00:00 2001 From: "Gerald W. Carter" Date: Tue, 22 Apr 2008 10:09:40 -0500 Subject: Moving docs tree to docs-xml to make room for generated docs in the release tarball. (This used to be commit 9f672c26d63955f613088489c6efbdc08b5b2d14) --- docs-xml/manpages-3/net.8.xml | 1548 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1548 insertions(+) create mode 100644 docs-xml/manpages-3/net.8.xml (limited to 'docs-xml/manpages-3/net.8.xml') diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml new file mode 100644 index 0000000000..9e2558eb32 --- /dev/null +++ b/docs-xml/manpages-3/net.8.xml @@ -0,0 +1,1548 @@ + + + + + + net + 8 + Samba + System Administration tools + 3.2 + + + + + net + Tool for administration of Samba and remote + CIFS servers. + + + + + + net + <ads|rap|rpc> + -h + -w workgroup + -W myworkgroup + -U user + -I ip-address + -p port + -n myname + -s conffile + -S server + -l + -P + -d debuglevel + -V + + + + + DESCRIPTION + + This tool is part of the samba + 7 suite. + + The Samba net utility is meant to work just like the net utility + available for windows and DOS. The first argument should be used + to specify the protocol to use when executing a certain command. + ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3) + clients and RPC can be used for NT4 and Windows 2000. If this + argument is omitted, net will try to determine it automatically. + Not all commands are available on all protocols. + + + + + + OPTIONS + + + &stdarg.help; + + + -w target-workgroup + + Sets target workgroup or domain. You have to specify + either this option or the IP address or the name of a server. + + + + + -W workgroup + + Sets client workgroup or domain + + + + + -U user + + User name to use + + + + + -I ip-address + + IP address of target server to use. You have to + specify either this option or a target workgroup or + a target server. + + + + + -p port + + Port on the target server to connect to (usually 139 or 445). + Defaults to trying 445 first, then 139. + + + + &stdarg.netbios.name; + &stdarg.configfile; + + + -S server + + Name of target server. You should specify either + this option or a target workgroup or a target IP address. + + + + + -l + + When listing data, give more information on each item. + + + + + -P + + Make queries to the external server using the machine account of the local server. + + + + &stdarg.server.debug; + + + + +COMMANDS + + +CHANGESECRETPW + +This command allows the Samba machine account password to be set from an external application +to a machine account password that has already been stored in Active Directory. DO NOT USE this command +unless you know exactly what you are doing. The use of this command requires that the force flag (-f) +be used also. There will be NO command prompt. Whatever information is piped into stdin, either by +typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use +this without care and attention as it will overwrite a legitimate machine password without warning. +YOU HAVE BEEN WARNED. + + + + + + TIME + + The NET TIME command allows you to view the time on a remote server + or synchronise the time on the local server with the time on the remote server. + + +TIME + +Without any options, the NET TIME command +displays the time on the remote server. + + + + + +TIME SYSTEM + +Displays the time on the remote server in a format ready for /bin/date. + + + + +TIME SET +Tries to set the date and time of the local server to that on +the remote server using /bin/date. + + + + +TIME ZONE + +Displays the timezone in hours from GMT on the remote computer. + + + + + +[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options] + + +Join a domain. If the account already exists on the server, and +[TYPE] is MEMBER, the machine will attempt to join automatically. +(Assuming that the machine has been created in server manager) +Otherwise, a password will be prompted for, and a new account may +be created. + + +[TYPE] may be PDC, BDC or MEMBER to specify the type of server +joining the domain. + + + +[UPN] (ADS only) set the principalname attribute during the join. The default +format is host/netbiosname@REALM. + + + +[OU] (ADS only) Precreate the computer account in a specific OU. The +OU string reads from top to bottom without RDNs, and is delimited by +a '/'. Please note that '\' is used for escape by both the shell +and ldap, so it may need to be doubled or quadrupled to pass through, +and it is not used as a delimiter. + + + + +[RPC] OLDJOIN [options] + +Join a domain. Use the OLDJOIN option to join the domain +using the old style of domain joining - you need to create a trust +account in server manager first. + + + +[RPC|ADS] USER + + +[RPC|ADS] USER + +List all users + + + + +[RPC|ADS] USER DELETE <replaceable>target</replaceable> + +Delete specified user + + + + +[RPC|ADS] USER INFO <replaceable>target</replaceable> + +List the domain groups of the specified user. + + + + +[RPC|ADS] USER RENAME <replaceable>oldname</replaceable> <replaceable>newname</replaceable> + +Rename specified user. + + + + +[RPC|ADS] USER ADD <replaceable>name</replaceable> [password] [-F user flags] [-C comment] + +Add specified user. + + + + +[RPC|ADS] GROUP + + +[RPC|ADS] GROUP [misc options] [targets] +List user groups. + + + +[RPC|ADS] GROUP DELETE <replaceable>name</replaceable> [misc. options] + +Delete specified group. + + + + +[RPC|ADS] GROUP ADD <replaceable>name</replaceable> [-C comment] + +Create specified group. + + + + + +[RAP|RPC] SHARE + + +[RAP|RPC] SHARE [misc. options] [targets] + +Enumerates all exported resources (network shares) on target server. + + + + +[RAP|RPC] SHARE ADD <replaceable>name=serverpath</replaceable> [-C comment] [-M maxusers] [targets] + +Adds a share from a server (makes the export active). Maxusers +specifies the number of users that can be connected to the +share simultaneously. + + + + +SHARE DELETE <replaceable>sharename</replaceable> + +Delete specified share. + + + + +[RPC|RAP] FILE + + +[RPC|RAP] FILE + +List all open files on remote server. + + + + +[RPC|RAP] FILE CLOSE <replaceable>fileid</replaceable> + +Close file with specified fileid on +remote server. + + + + +[RPC|RAP] FILE INFO <replaceable>fileid</replaceable> + + +Print information on specified fileid. +Currently listed are: file-id, username, locks, path, permissions. + + + + + +[RAP|RPC] FILE USER <replaceable>user</replaceable> + + +List files opened by specified user. +Please note that net rap file user does not work +against Samba servers. + + + + + + + +SESSION + + +RAP SESSION + +Without any other options, SESSION enumerates all active SMB/CIFS +sessions on the target server. + + + + +RAP SESSION DELETE|CLOSE <replaceable>CLIENT_NAME</replaceable> + +Close the specified sessions. + + + + +RAP SESSION INFO <replaceable>CLIENT_NAME</replaceable> + +Give a list with all the open files in specified session. + + + + + + +RAP SERVER <replaceable>DOMAIN</replaceable> + +List all servers in specified domain or workgroup. Defaults +to local domain. + + + + +RAP DOMAIN + +Lists all domains and workgroups visible on the +current network. + + + + +RAP PRINTQ + + +RAP PRINTQ LIST <replaceable>QUEUE_NAME</replaceable> + +Lists the specified print queue and print jobs on the server. +If the QUEUE_NAME is omitted, all +queues are listed. + + + + +RAP PRINTQ DELETE <replaceable>JOBID</replaceable> + +Delete job with specified id. + + + + + + +RAP VALIDATE <replaceable>user</replaceable> [<replaceable>password</replaceable>] + + +Validate whether the specified user can log in to the +remote server. If the password is not specified on the commandline, it +will be prompted. + + +¬.implemented; + + + + +RAP GROUPMEMBER + + +RAP GROUPMEMBER LIST <replaceable>GROUP</replaceable> + +List all members of the specified group. + + + + +RAP GROUPMEMBER DELETE <replaceable>GROUP</replaceable> <replaceable>USER</replaceable> + +Delete member from group. + + + + +RAP GROUPMEMBER ADD <replaceable>GROUP</replaceable> <replaceable>USER</replaceable> + +Add member to group. + + + + + + +RAP ADMIN <replaceable>command</replaceable> + +Execute the specified command on +the remote server. Only works with OS/2 servers. + + +¬.implemented; + + + + +RAP SERVICE + + +RAP SERVICE START <replaceable>NAME</replaceable> [arguments...] + +Start the specified service on the remote server. Not implemented yet. + +¬.implemented; + + + + +RAP SERVICE STOP + +Stop the specified service on the remote server. + +¬.implemented; + + + + + + +RAP PASSWORD <replaceable>USER</replaceable> <replaceable>OLDPASS</replaceable> <replaceable>NEWPASS</replaceable> + + +Change password of USER from OLDPASS to NEWPASS. + + + + + +LOOKUP + + +LOOKUP HOST <replaceable>HOSTNAME</replaceable> [<replaceable>TYPE</replaceable>] + + +Lookup the IP address of the given host with the specified type (netbios suffix). +The type defaults to 0x20 (workstation). + + + + + +LOOKUP LDAP [<replaceable>DOMAIN</replaceable>] + +Give IP address of LDAP server of specified DOMAIN. Defaults to local domain. + + + + +LOOKUP KDC [<replaceable>REALM</replaceable>] + +Give IP address of KDC for the specified REALM. +Defaults to local realm. + + + + +LOOKUP DC [<replaceable>DOMAIN</replaceable>] + +Give IP's of Domain Controllers for specified +DOMAIN. Defaults to local domain. + + + + +LOOKUP MASTER <replaceable>DOMAIN</replaceable> + +Give IP of master browser for specified DOMAIN +or workgroup. Defaults to local domain. + + + + + + +CACHE + +Samba uses a general caching interface called 'gencache'. It +can be controlled using 'NET CACHE'. + +All the timeout parameters support the suffixes: + + +s - Seconds +m - Minutes +h - Hours +d - Days +w - Weeks + + + + + +CACHE ADD <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable> + +Add specified key+data to the cache with the given timeout. + + + + +CACHE DEL <replaceable>key</replaceable> + +Delete key from the cache. + + + + +CACHE SET <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable> + +Update data of existing cache entry. + + + + +CACHE SEARCH <replaceable>PATTERN</replaceable> + +Search for the specified pattern in the cache data. + + + + +CACHE LIST + + +List all current items in the cache. + + + + + +CACHE FLUSH + +Remove all the current items from the cache. + + + + + + +GETLOCALSID [DOMAIN] + +Prints the SID of the specified domain, or if the parameter is +omitted, the SID of the local server. + + + + +SETLOCALSID S-1-5-21-x-y-z + +Sets SID for the local server to the specified SID. + + + + +GETDOMAINSID + +Prints the local machine SID and the SID of the current +domain. + + + + +SETDOMAINSID + +Sets the SID of the current domain. + + + + +GROUPMAP + +Manage the mappings between Windows group SIDs and UNIX groups. +Common options include: + + +unixgroup - Name of the UNIX group +ntgroup - Name of the Windows NT group (must be + resolvable to a SID +rid - Unsigned 32-bit integer +sid - Full SID in the form of "S-1-..." +type - Type of the group; either 'domain', 'local', + or 'builtin' +comment - Freeform text description of the group + + + +GROUPMAP ADD + + +Add a new group mapping entry: + +net groupmap add {rid=int|sid=string} unixgroup=string \ + [type={domain|local}] [ntgroup=string] [comment=string] + + + + + + +GROUPMAP DELETE + +Delete a group mapping entry. If more than one group name matches, the first entry found is deleted. + +net groupmap delete {ntgroup=string|sid=SID} + + + + +GROUPMAP MODIFY + +Update en existing group entry. + + + +net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \ + [comment=string] [type={domain|local}] + + + + + +GROUPMAP LIST + +List existing group mapping entries. + +net groupmap list [verbose] [ntgroup=string] [sid=SID] + + + + + + + +MAXRID + +Prints out the highest RID currently in use on the local +server (by the active 'passdb backend'). + + + + + +RPC INFO + +Print information about the domain of the remote server, +such as domain name, domain sid and number of users and groups. + + + + + +[RPC|ADS] TESTJOIN + +Check whether participation in a domain is still valid. + + + + +[RPC|ADS] CHANGETRUSTPW + +Force change of domain trust password. + + + + +RPC TRUSTDOM + + +RPC TRUSTDOM ADD <replaceable>DOMAIN</replaceable> + +Add a interdomain trust account for DOMAIN. +This is in fact a Samba account named DOMAIN$ +with the account flag 'I' (interdomain trust account). +If the command is used against localhost it has the same effect as +smbpasswd -a -i DOMAIN. Please note that both commands +expect a appropriate UNIX account. + + + + + +RPC TRUSTDOM DEL <replaceable>DOMAIN</replaceable> + +Remove interdomain trust account for +DOMAIN. If it is used against localhost +it has the same effect as smbpasswd -x DOMAIN$. + + + + + +RPC TRUSTDOM ESTABLISH <replaceable>DOMAIN</replaceable> + + +Establish a trust relationship to a trusting domain. +Interdomain account must already be created on the remote PDC. + + + + + +RPC TRUSTDOM REVOKE <replaceable>DOMAIN</replaceable> +Abandon relationship to trusted domain + + + + +RPC TRUSTDOM LIST + +List all current interdomain trust relationships. + + + + +RPC RIGHTS + +This subcommand is used to view and manage Samba's rights assignments (also +referred to as privileges). There are three options currently available: +list, grant, and +revoke. More details on Samba's privilege model and its use +can be found in the Samba-HOWTO-Collection. + + + + + + + +RPC ABORTSHUTDOWN + +Abort the shutdown of a remote server. + + + + +RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message] + +Shut down the remote server. + + + +-r + +Reboot after shutdown. + + + + +-f + +Force shutting down all applications. + + + + +-t timeout + +Timeout before system will be shut down. An interactive +user of the system can use this time to cancel the shutdown. + +'> + + +-C message +Display the specified message on the screen to +announce the shutdown. + + + + + + +RPC SAMDUMP + +Print out sam database of remote server. You need +to run this against the PDC, from a Samba machine joined as a BDC. + + + +RPC VAMPIRE + +Export users, aliases and groups from remote server to +local server. You need to run this against the PDC, from a Samba machine joined as a BDC. + + + + + +RPC GETSID + +Fetch domain SID and store it in the local secrets.tdb. + + + + +ADS LEAVE + +Make the remote host leave the domain it is part of. + + + + +ADS STATUS + +Print out status of machine account of the local machine in ADS. +Prints out quite some debug info. Aimed at developers, regular +users should use NET ADS TESTJOIN. + + + + +ADS PRINTER + + +ADS PRINTER INFO [<replaceable>PRINTER</replaceable>] [<replaceable>SERVER</replaceable>] + + +Lookup info for PRINTER on SERVER. The printer name defaults to "*", the +server name defaults to the local host. + + + + +ADS PRINTER PUBLISH <replaceable>PRINTER</replaceable> + +Publish specified printer using ADS. + + + + +ADS PRINTER REMOVE <replaceable>PRINTER</replaceable> + +Remove specified printer from ADS directory. + + + + + + +ADS SEARCH <replaceable>EXPRESSION</replaceable> <replaceable>ATTRIBUTES...</replaceable> + +Perform a raw LDAP search on a ADS server and dump the results. The +expression is a standard LDAP search expression, and the +attributes are a list of LDAP fields to show in the results. + +Example: net ads search '(objectCategory=group)' sAMAccountName + + + + + +ADS DN <replaceable>DN</replaceable> <replaceable>(attributes)</replaceable> + + +Perform a raw LDAP search on a ADS server and dump the results. The +DN standard LDAP DN, and the attributes are a list of LDAP fields +to show in the result. + + +Example: net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName + + + + +ADS WORKGROUP + +Print out workgroup name for specified kerberos realm. + + + + +SAM CREATEBUILTINGROUP <NAME> + + +(Re)Create a BUILTIN group. +Only a wellknown set of BUILTIN groups can be created with this command. +This is the list of currently recognized group names: Administrators, +Users, Guests, Power Users, Account Operators, Server Operators, Print +Operators, Backup Operators, Replicator, RAS Servers, Pre-Windows 2000 +compatible Access. + +This command requires a running Winbindd with idmap allocation properly +configured. The group gid will be allocated out of the winbindd range. + + + + + +SAM CREATELOCALGROUP <NAME> + + +Create a LOCAL group (also known as Alias). + +This command requires a running Winbindd with idmap allocation properly +configured. The group gid will be allocated out of the winbindd range. + + + + + +SAM DELETELOCALGROUP <NAME> + + +Delete an existing LOCAL group (also known as Alias). + + + + + + +SAM MAPUNIXGROUP <NAME> + + +Map an existing Unix group and make it a Domain Group, the domain group +will have the same name. + + + + + +SAM UNMAPUNIXGROUP <NAME> + + +Remove an existing group mapping entry. + + + + + +SAM ADDMEM <GROUP> <MEMBER> + + +Add a member to a Local group. The group can be specified only by name, +the member can be specified by name or SID. + + + + + +SAM DELMEM <GROUP> <MEMBER> + + +Remove a member from a Local group. The group and the member must be +specified by name. + + + + + +SAM LISTMEM <GROUP> + + +List Local group members. The group must be specified by name. + + + + + +SAM LIST <users|groups|localgroups|builtin|workstations> [verbose] + + +List the specified set of accounts by name. If verbose is specified, +the rid and description is also provided for each account. + + + + + +SAM SHOW <NAME> + + +Show the full DOMAIN\\NAME the SID and the type for the corresponding +account. + + + + + +SAM SET HOMEDIR <NAME> <DIRECTORY> + + +Set the home directory for a user account. + + + + + +SAM SET PROFILEPATH <NAME> <PATH> + + +Set the profile path for a user account. + + + + + +SAM SET COMMENT <NAME> <COMMENT> + + +Set the comment for a user or group account. + + + + + +SAM SET FULLNAME <NAME> <FULL NAME> + + +Set the full name for a user account. + + + + + +SAM SET LOGONSCRIPT <NAME> <SCRIPT> + + +Set the logon script for a user account. + + + + + +SAM SET HOMEDRIVE <NAME> <DRIVE> + + +Set the home drive for a user account. + + + + + +SAM SET WORKSTATIONS <NAME> <WORKSTATIONS> + + +Set the workstations a user account is allowed to log in from. + + + + + +SAM SET DISABLE <NAME> + + +Set the "disabled" flag for a user account. + + + + + +SAM SET PWNOTREQ <NAME> + + +Set the "password not required" flag for a user account. + + + + + +SAM SET AUTOLOCK <NAME> + + +Set the "autolock" flag for a user account. + + + + + +SAM SET PWNOEXP <NAME> + + +Set the "password do not expire" flag for a user account. + + + + + +SAM SET PWDMUSTCHANGENOW <NAME> [yes|no] + + +Set or unset the "password must change" flag for a user account. + + + + + +SAM POLICY LIST + + +List the available account policies. + + + + + +SAM POLICY SHOW <account policy> + + +Show the account policy value. + + + + + +SAM POLICY SET <account policy> <value> + + +Set a value for the account policy. +Valid values can be: "forever", "never", "off", or a number. + + + + + +SAM PROVISION + + +Only available if ldapsam:editposix is set and winbindd is running. +Properly populates the ldap tree with the basic accounts (Administrator) +and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree. + + + + + +IDMAP DUMP <local tdb file name> + + +Dumps the mappings contained in the local tdb file specified. +This command is useful to dump only the mappings produced by the idmap_tdb backend. + + + + + +IDMAP RESTORE [input file] + + +Restore the mappings from the specified file or stdin. + + + + + +IDMAP SECRET <DOMAIN>|ALLOC <secret> + + +Store a secret for the specified domain, used primarily for domains +that use idmap_ldap as a backend. In this case the secret is used +as the password for the user DN used to bind to the ldap server. + + + + + +USERSHARE + +Starting with version 3.0.23, a Samba server now supports the ability for +non-root users to add user defined shares to be exported using the "net usershare" +commands. + + + +To set this up, first set up your smb.conf by adding to the [global] section: + +usershare path = /usr/local/samba/lib/usershares + +Next create the directory /usr/local/samba/lib/usershares, change the owner to root and +set the group owner to the UNIX group who should have the ability to create usershares, +for example a group called "serverops". + +Set the permissions on /usr/local/samba/lib/usershares to 01770. + +(Owner and group all access, no access for others, plus the sticky bit, +which means that a file in that directory can be renamed or deleted only +by the owner of the file). + +Finally, tell smbd how many usershares you will allow by adding to the [global] +section of smb.conf a line such as : + +usershare max shares = 100. + +To allow 100 usershare definitions. Now, members of the UNIX group "serverops" +can create user defined shares on demand using the commands below. + + +The usershare commands are: + + +net usershare add sharename path [comment] [acl] [guest_ok=[y|n]] - to add or change a user defined share. +net usershare delete sharename - to delete a user defined share. +net usershare info [-l|--long] [wildcard sharename] - to print info about a user defined share. +net usershare list [-l|--long] [wildcard sharename] - to list user defined shares. + + + + + +USERSHARE ADD <replaceable>sharename</replaceable> <replaceable>path</replaceable> <replaceable>[comment]</replaceable> <replaceable>[acl]</replaceable> <replaceable>[guest_ok=[y|n]]</replaceable> + + +Add or replace a new user defined share, with name "sharename". + + + +"path" specifies the absolute pathname on the system to be exported. +Restrictions may be put on this, see the global smb.conf parameters: +"usershare owner only", "usershare prefix allow list", and +"usershare prefix deny list". + + + +The optional "comment" parameter is the comment that will appear +on the share when browsed to by a client. + + +The optional "acl" field +specifies which users have read and write access to the entire share. +Note that guest connections are not allowed unless the smb.conf parameter +"usershare allow guests" has been set. The definition of a user +defined share acl is: "user:permission", where user is a valid +username on the system and permission can be "F", "R", or "D". +"F" stands for "full permissions", ie. read and write permissions. +"D" stands for "deny" for a user, ie. prevent this user from accessing +this share. +"R" stands for "read only", ie. only allow read access to this +share (no creation of new files or directories or writing to files). + + + +The default if no "acl" is given is "Everyone:R", which means any +authenticated user has read-only access. + + + +The optional "guest_ok" has the same effect as the parameter of the +same name in smb.conf, in that it allows guest access to this user +defined share. This parameter is only allowed if the global parameter +"usershare allow guests" has been set to true in the smb.conf. + + +There is no separate command to modify an existing user defined share, +just use the "net usershare add [sharename]" command using the same +sharename as the one you wish to modify and specify the new options +you wish. The Samba smbd daemon notices user defined share modifications +at connect time so will see the change immediately, there is no need +to restart smbd on adding, deleting or changing a user defined share. + + + +USERSHARE DELETE <replaceable>sharename</replaceable> + + +Deletes the user defined share by name. The Samba smbd daemon +immediately notices this change, although it will not disconnect +any users currently connected to the deleted share. + + + + + +USERSHARE INFO <replaceable>[-l|--long]</replaceable> <replaceable>[wildcard sharename]</replaceable> + + +Get info on user defined shares owned by the current user matching the given pattern, or all users. + + + +net usershare info on its own dumps out info on the user defined shares that were +created by the current user, or restricts them to share names that match the given +wildcard pattern ('*' matches one or more characters, '?' matches only one character). +If the '-l' or '--long' option is also given, it prints out info on user defined +shares created by other users. + + + +The information given about a share looks like: + +[foobar] +path=/home/jeremy +comment=testme +usershare_acl=Everyone:F +guest_ok=n + +And is a list of the current settings of the user defined share that can be +modified by the "net usershare add" command. + + + + + +USERSHARE LIST <replaceable>[-l|--long]</replaceable> <replaceable>wildcard sharename</replaceable> + + +List all the user defined shares owned by the current user matching the given pattern, or all users. + + + +net usershare list on its own list out the names of the user defined shares that were +created by the current user, or restricts the list to share names that match the given +wildcard pattern ('*' matches one or more characters, '?' matches only one character). +If the '-l' or '--long' option is also given, it includes the names of user defined +shares created by other users. + + + + + + + +CONF + +Starting with version 3.2.0, a Samba server can be configured by data +stored in registry. This configuration data can be edited with the new "net +conf" commands. + + + +The deployment of this configuration data can be activated in two levels from the +smb.conf file: Share definitions from registry are +activated by setting registry shares to +yes in the [global] section and global configuration options are +activated by setting registry in +the [global] section. +See the smb.conf +5 manpage for details. + + +The conf commands are: + +net conf list - Dump the complete configuration in smb.conf like +format. +net conf import - Import configuration from file in smb.conf +format. +net conf listshares - List the registry shares. +net conf drop - Delete the complete configuration from +registry. +net conf showshare - Show the definition of a registry share. +net conf addshare - Create a new registry share. +net conf delshare - Delete a registry share. +net conf setparm - Store a parameter. +net conf getparm - Retrieve the value of a parameter. +net conf delparm - Delete a parameter. + + + + +CONF LIST + + +Print the configuration data stored in the registry in a smb.conf-like format to +standard output. + + + + +CONF IMPORT <replaceable>[--test|-T]</replaceable> <replaceable>filename</replaceable> <replaceable>[section]</replaceable> + + +This command imports configuration from a file in smb.conf format. +If a section encountered in the input file is present in registry, +its contents is replaced. Sections of registry configuration that have +no counterpart in the input file are not affected. If you want to delete these, +you will have to use the "net conf drop" or "net conf delshare" commands. +Optionally, a section may be specified to restrict the effect of the +import command to that specific section. A test mode is enabled by specifying +the parameter "-T" on the commandline. In test mode, no changes are made to the +registry, and the resulting configuration is printed to standard output instead. + + + + +CONF LISTSHARES + + +List the names of the shares defined in registry. + + + + +CONF DROP + + +Delete the complete configuration data from registry. + + + + +CONF SHOWSHARE <replaceable>sharename</replaceable> + + +Show the definition of the share or section specified. It is valid to specify +"global" as sharename to retrieve the global configuration options from +registry. + + + + +CONF ADDSHARE <replaceable>sharename</replaceable> <replaceable>path</replaceable> [<replaceable>writeable={y|N}</replaceable> [<replaceable>guest_ok={y|N}</replaceable> [<replaceable>comment</replaceable>]]] + +Create a new share definition in registry. +The sharename and path have to be given. The share name may +not be "global". Optionally, values for the very +common options "writeable", "guest ok" and a "comment" may be specified. +The same result may be obtained by a sequence of "net conf setparm" +commands. + + + + +CONF DELSHARE <replaceable>sharename</replaceable> + + +Delete a share definition from registry. + + + + +CONF SETPARM <replaceable>section</replaceable> <replaceable>parameter</replaceable> <replaceable>value</replaceable> + + +Store a parameter in registry. The section may be global or a sharename. +The section is created if it does not exist yet. + + + + +CONF GETPARM <replaceable>section</replaceable> <replaceable>parameter</replaceable> + + +Show a parameter stored in registry. + + + + +CONF DELPARM <replaceable>section</replaceable> <replaceable>parameter</replaceable> + + +Delete a parameter stored in registry. + + + + + + + + + + + + + +HELP [COMMAND] + +Gives usage information for the specified command. + + + + + + + VERSION + + This man page is complete for version 3.0 of the Samba + suite. + + + + AUTHOR + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + The net manpage was written by Jelmer Vernooij. + + + + -- cgit From 327c47fd13098fd65cf3333cd3ee0d5bfea698df Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 10 Jul 2008 13:46:25 +0200 Subject: docs: update the section about net conf in the net(8) manpage. The description of the "net conf {get,set,del}includes" commands was missing. Michael (This used to be commit 671988c7b5891deeca23e2305fe101a3be1a44d2) --- docs-xml/manpages-3/net.8.xml | 42 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) (limited to 'docs-xml/manpages-3/net.8.xml') diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml index 9e2558eb32..f3ee6b5bd8 100644 --- a/docs-xml/manpages-3/net.8.xml +++ b/docs-xml/manpages-3/net.8.xml @@ -1409,6 +1409,9 @@ registry. net conf setparm - Store a parameter. net conf getparm - Retrieve the value of a parameter. net conf delparm - Delete a parameter. +net conf getincludes - Show the includes of a share definition. +net conf setincludes - Set includes for a share. +net conf delincludes - Delete includes from a share definition. @@ -1509,9 +1512,46 @@ Delete a parameter stored in registry. - +CONF GETINCLUDES <replaceable>section</replaceable> +Get the list of includes for the provided section (global or share). + + + +Note that due to the nature of the registry database and the nature of include directives, +the includes need special treatment: Parameters are stored in registry by the parameter +name as valuename, so there is only ever one instance of a parameter per share. +Also, a specific order like in a text file is not guaranteed. For all real +parameters, this is perfectly ok, but the include directive is rather a meta +parameter, for which, in the smb.conf text file, the place where it is specified +between the other parameters is very important. This can not be achieved by the +simple registry smbconf data model, so there is one ordered list of includes +per share, and this list is evaluated after all the parameters of the share. + + + +Further note that currently, only files can be included from registry +configuration. In the future, there will be the ability to include configuration +data from other registry keys. + + + + +CONF SETINCLUDES <replaceable>section</replaceable> [<replaceable>filename</replaceable>]+ + + +Set the list of includes for the provided section (global or share) to the given +list of one or more filenames. The filenames may contain the usual smb.conf +macros like %I. + + + + +CONF DELINCLUDES <replaceable>section</replaceable> + + +Delete the list of includes from the provided section (global or share). -- cgit From cfa8b972a1b00386775144cdfde38e88000339f3 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 10 Jul 2008 13:50:04 +0200 Subject: docs: fix VERSION section in the net(8) manpage. It still said for version 3.0 .. Michael (This used to be commit 93887f2e42bf4e632dab716deda6d2951dbd1f2a) --- docs-xml/manpages-3/net.8.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs-xml/manpages-3/net.8.xml') diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml index f3ee6b5bd8..b29beaa01d 100644 --- a/docs-xml/manpages-3/net.8.xml +++ b/docs-xml/manpages-3/net.8.xml @@ -1569,7 +1569,7 @@ Delete the list of includes from the provided section (global or share). VERSION - This man page is complete for version 3.0 of the Samba + This man page is complete for version 3 of the Samba suite. -- cgit From 2264ae717cf08e3f043ef77ffbc13813d1c56e2b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 10 Jul 2008 14:05:33 +0200 Subject: docs: fix the net conf section of net(8) to mention "config backend = registry". Michael (This used to be commit c2e9d82d9497f0d245a46c5c82ff15306788109e) --- docs-xml/manpages-3/net.8.xml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'docs-xml/manpages-3/net.8.xml') diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml index b29beaa01d..cdf0fbbf60 100644 --- a/docs-xml/manpages-3/net.8.xml +++ b/docs-xml/manpages-3/net.8.xml @@ -1389,7 +1389,9 @@ The deployment of this configuration data can be activated in two levels from th activated by setting registry shares to yes in the [global] section and global configuration options are activated by setting registry in -the [global] section. +the [global] section for a mixed configuration or by setting +registry in the [global] +section for a registry-only configuration. See the smb.conf 5 manpage for details. -- cgit From 2f02c33982ffc296a05ed8119cd9a9832a2de203 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Fri, 22 Aug 2008 17:23:36 +0200 Subject: manpages: Add documentation for new 'net rpc vampire' subcommands. Karolin (This used to be commit 8d0a16d8034cd07037b3c7711867280d5fa5b2c8) --- docs-xml/manpages-3/net.8.xml | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs-xml/manpages-3/net.8.xml') diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml index cdf0fbbf60..31fe69d8d3 100644 --- a/docs-xml/manpages-3/net.8.xml +++ b/docs-xml/manpages-3/net.8.xml @@ -850,7 +850,20 @@ to run this against the PDC, from a Samba machine joined as a BDC. Export users, aliases and groups from remote server to local server. You need to run this against the PDC, from a Samba machine joined as a BDC. + + + +RPC VAMPIRE KEYTAB +Dump remote SAM database to local Kerberos keytab file. + + + + +RPC VAMPIRE LDIF + +Dump remote SAM database to local LDIF file or standard output. + -- cgit