From 69fb70bea547434753cd969c7134fa3ca7522bf2 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 19 Nov 1999 23:26:42 +0000 Subject: yodl update - rpcclient (This used to be commit 9eef1817f8f29c2d69832806b394658cf2cce5e9) --- docs/textdocs/rpcclient.1.txt | 685 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 685 insertions(+) create mode 100644 docs/textdocs/rpcclient.1.txt (limited to 'docs/textdocs') diff --git a/docs/textdocs/rpcclient.1.txt b/docs/textdocs/rpcclient.1.txt new file mode 100644 index 0000000000..78aaca02bc --- /dev/null +++ b/docs/textdocs/rpcclient.1.txt 
@@ -0,0 +1,685 @@ + +TITLE INFORMATION: rpcclient (1) +AUTHOR INFORMATION: Samba SAMBA +DATE INFORMATION: 23 Oct 1998 + +NAME +rpcclient - utility to manage MSRPC resources on servers + +SYNOPSIS + +rpcclient +[password] +-S servername +[-U [username][%][password]] +[-W domain] +[-l log basename] +[-d debuglevel] +[-O socket options] +[-i scope] +[-N] +[-n NetBIOS name] +[-h] +[-I dest IP] +[-E] +[-t terminal code] +[-c command string] +[-B IP addr] +[-s smb.conf] +[-m max protocol] + +DESCRIPTION + +This program is part of the Samba suite. + +rpcclient is a client that can 'talk' to an SMB/CIFS MSRPC server. +Operations include things like managing a SAM Database (users, groups +and aliases) in the same way as the Windows NT programs +User Manager for Domains and Server Manager for Domains; +managing a remote registry in the same way as the Windows NT programs +REGEDT32.EXE and REGEDIT.EXE; viewing a remote event log (same +as EVENTVWR.EXE) etc. + +Typical usage is like this: + +rpcclient -I 192.168.32.1 -S "*SMBSERVER" -U fred%secret -l log + +OPTIONS + +o servername servername is the name of the server you want +to use on the server. This should be the NetBIOS name of the SMB/CIFS +server, which can be *SMBSERVER on Windows NT 4.0 or Samba Servers. + +Note that the server name required is NOT necessarily the IP (DNS) +host name of the server! The name required is a NetBIOS server name, +which may or may not be the same as the IP hostname of the machine +running the server. Also, remember that having a period in a NetBIOS +name (such as an IP hostname) may cause connectivity problems on your +network: NT tends to strip NetBIOS names from the leading period +onwards. + +The server name is looked up according to either the +-R parameter to rpcclient or using the +name resolve order +parameter in the smb.conf file, allowing an administrator to change +the order and methods by which server names are looked up. 
+ +o password password is the password required to access the +specified service on the specified server. If this parameter is +supplied, the -N option (suppress password prompt) is assumed. + +There is no default password. If no password is supplied on the +command line (either by using this parameter or adding a password to +the -U option (see below)) and the -N option is not specified, +the client will prompt for a password, even if the desired service +does not require one. (If no password is required, simply press ENTER +to provide a null password.) + +Note: Some servers (including OS/2 and Windows for Workgroups) insist +on an uppercase password. Lowercase or mixed case passwords may be +rejected by these servers. + +Be cautious about including passwords in scripts. + +o -s smb.conf This parameter specifies the pathname to the +Samba configuration file, smb.conf. This file controls all aspects of +the Samba setup on the machine and rpcclient also needs to read this +file. + +o -B IP addr The IP address to use when sending a broadcast packet. + +o -O socket options TCP socket options to set on the client +socket. See the socket options +parameter in the smb.conf (5) manpage for +the list of valid options. + +o -R name resolve order This option allows the user of +rpcclient to determine what name resolution services to use when +looking up the NetBIOS name of the host being connected to. + +The options are :"lmhosts", "host", "wins" and "bcast". They cause +names to be resolved as follows : + +o lmhosts : Lookup an IP address in the Samba lmhosts file. +The lmhosts file is stored in the same directory as the +smb.conf file. + +o host : Do a standard host name to IP address resolution, +using the system /etc/hosts, NIS, or DNS lookups. This method of name +resolution is operating system depended for instance on IRIX or +Solaris this may be controlled by the /etc/nsswitch.conf file). 
+ +o wins : Query a name with the IP address listed in the wins +server parameter in the smb.conf file. If +no WINS server has been specified this method will be ignored. + +o bcast : Do a broadcast on each of the known local interfaces +listed in the interfaces parameter +in the smb.conf file. This is the least reliable of the name resolution +methods as it depends on the target host being on a locally connected +subnet. To specify a particular broadcast address the -B option +may be used. + +If this parameter is not set then the name resolve order defined +in the smb.conf file parameter +(name resolve order) +will be used. + +The default order is lmhosts, host, wins, bcast and without this +parameter or any entry in the "name resolve +order" parameter of the +smb.conf file the name resolution methods +will be attempted in this order. + +o -i scope This specifies a NetBIOS scope that rpcclient will use +to communicate with when generating NetBIOS names. For details on the +use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes +are very rarely used, only set this parameter if you are the +system administrator in charge of all the NetBIOS systems you +communicate with. + +o -N If specified, this parameter suppresses the normal +password prompt from the client to the user. This is useful when +accessing a service that does not require a password. + +Unless a password is specified on the command line or this parameter +is specified, the client will request a password. + +o -n NetBIOS name By default, the client will use the local +machine's hostname (in uppercase) as its NetBIOS name. This parameter +allows you to override the host name and use whatever NetBIOS name you +wish. + +o -d debuglevel debuglevel is an integer from 0 to 10, or the +letter 'A'. + +The default value if this parameter is not specified is zero. + +The higher this value, the more detail will be logged to the log files +about the activities of the client. 
At level 0, only critical errors +and serious warnings will be logged. Level 1 is a reasonable level for +day to day running - it generates a small amount of information about +operations carried out. + +Levels above 1 will generate considerable amounts of log data, and +should only be used when investigating a problem. Levels above 3 are +designed for use only by developers and generate HUGE amounts of log +data, most of which is extremely cryptic. If debuglevel is set to the +letter 'A', then all debug messages will be printed. This setting +is for developers only (and people who really want to know how the +code works internally). + +Note that specifying this parameter here will override the log +level parameter in the smb.conf +(5) file. + +o -p port This number is the TCP port number that will be used +when making connections to the server. The standard (well-known) TCP +port number for an SMB/CIFS server is 139, which is the default. + +o -l logfilename If specified, logfilename specifies a base +filename into which operational data from the running client will be +logged. + +The default base name is specified at compile time. + +The base name is used to generate actual log file names. For example, +if the name specified was "log", the debug file would be +log.client. + +The log file generated is never removed by the client. + +o -h Print the usage message for the client. + +o -I IP address IP address is the address of the server to +connect to. It should be specified in standard "a.b.c.d" notation. + +Normally the client would attempt to locate a named SMB/CIFS server by +looking it up via the NetBIOS name resolution mechanism described +above in the name resolve order parameter +above. Using this parameter will force the client to assume that the +server is on the machine with the specified IP address and the NetBIOS +name component of the resource being connected to will be ignored. + +There is no default for this parameter. 
If not supplied, it will be +determined automatically by the client as described above. + +o -E This parameter causes the client to write messages to the +standard error stream (stderr) rather than to the standard output +stream. + +By default, the client writes messages to standard output - typically +the user's tty. + +Note that by default, debug information is always sent to stderr. +Debug information can instead be sent to a file, using the +-l log basename option. + +o -U username This specifies the user name that will be used by +the client to make a connection, assuming your server is not a downlevel +server that is running a protocol level that uses passwords on shares, +not on usernames. + +Some servers are fussy about the case of this name, and some insist +that it must be a valid NetBIOS name. + +If no username is supplied, it will default to an uppercase version of +the environment variable USER or LOGNAME in that order. If no +username is supplied and neither environment variable exists the +username "GUEST" will be used. + +If the USER environment variable contains a '%' character, +everything after that will be treated as a password. This allows you +to set the environment variable to be USER=username%password so +that a password is not passed on the command line (where it may be +seen by the ps command). + +If the service you are connecting to requires a password, it can be +supplied using the -U option, by appending a percent symbol ("%") +then the password to username. For example, to attach to a service as +user "fred" with password "secret", you would specify. + +-U fred%secret + +on the command line. Note that there are no spaces around the percent +symbol. + +If you specify the password as part of username then the -N option +(suppress password prompt) is assumed. + +If you specify the password as a parameter AND as part of username +then the password as part of username will take precedence. 
Putting +nothing before or nothing after the percent symbol will cause an empty +username or an empty password to be used, respectively. + +The password may also be specified by setting up an environment +variable called PASSWORD that contains the users password. Note +that this may be very insecure on some systems but on others allows +users to script rpcclient commands without having a password appear in +the command line of a process listing. + +Note: Some servers (including OS/2 and Windows for Workgroups) insist +on an uppercase password. Lowercase or mixed case passwords may be +rejected by these servers. + +Be cautious about including passwords in scripts or in the +PASSWORD environment variable. Also, on many systems the command +line of a running process may be seen via the ps command to be +safe always allow rpcclient to prompt for a password and type it in +directly. + +o -t terminal code This option tells rpcclient how to interpret +filenames coming from the remote server. Usually Asian language +multibyte UNIX implementations use different character sets than +SMB/CIFS servers (EUC instead of SJIS for example). Setting +this parameter will let rpcclient convert between the UNIX filenames +and the SMB filenames correctly. This option has not been seriously +tested and may have some problems. + +The terminal codes include sjis, euc, jis7, jis8, +junet, hex, cap. This is not a complete list, check the +Samba source code for the complete list. + +o -m max protocol level With the new code in Samba2.0, +rpcclient always attempts to connect at the maximum +protocols level the server supports. This parameter is +preserved for backwards compatibility, but any string +following the -m will be ignored. + +o -W Domain Override the default Domain, which is the remote server's +Domain. This option may be needed to connect to some servers. 
It is also +possible to specify the remote server name as the Domain, which will +force the username and password to be authenticated against the remote +server's local SAM instead of the Domain SAM. + +o -c command string command string is a semicolon separated +list of commands to be executed instead of prompting from stdin. +-N is implied by -c. + +This is particularly useful in scripts, e.g. -c 'lsaquery; enumusers -u'. + +OPERATIONS + +Once the client is running, the user is presented with a prompt : + +smb:\> + +The prompt indicates that the client is ready and waiting to carry out +a user command. Each command is a single word, optionally followed by +parameters specific to that command. Command and parameters are +space-delimited unless these notes specifically state otherwise. All +commands are case-insensitive. Parameters to commands may or may not +be case sensitive, depending on the command. + +You can specify names (e.g registry keys; user or group names; +service names) which have spaces in them by quoting the +name with double quotes, for example "dRMON SmartAgent". + +Parameters shown in square brackets (e.g., "[parameter]") are +optional. If not given, the command will use suitable +defaults. Parameters shown in angle brackets (e.g., "") are +required. + +Note that all commands operating on the server are actually performed +by issuing a request to the server. Thus the behavior may vary from +server to server, depending on how the server was implemented. + +The commands available are listed in groups relating to different services: + +o Misccellaneous + + o ? [command] If "command" is specified, + the ? command will display a brief informative message about the + specified command. If no command is specified, a list of available + commands will be displayed. + + o ! [shell command] If "shell command" + is specified, the ! command will execute a shell locally and run + the specified shell command. 
If no command is specified, a local shell + will be run. + + o exit Terminate the connection with the server and + exit from the program. + + o help [command] See the ? + command above. + + o quit See the exit command. + +o Event Log + + o eventlog + list the events + +o Service Control + + It is possible to use command-line completion (if you have + the GNU readline library) for Service names, by pressing the + tab key. + + o svcenum + [-i] Lists Services Manager + + o svcinfo + Service Information + + o svcstart + [arg 0] [arg 1] ... Start Service + + o svcstop + Stop Service + +o Scheduler + + o at + Scheduler control (at /? for syntax) + +o Registry + + It is possible to use command-line completion (if you have + the GNU readline library) for registry key and value names, + by pressing the tab key. + + o regenum + Registry Enumeration (keys, values) + + o regdeletekey + Registry Key Delete + + o regcreatekey + [keyclass] Registry Key Create + + o shutdown + [-m message] [-t timeout] [-r or --reboot] Server Shutdown + + o regqueryval + Registry Value Query + + o regquerykey + Registry Key Query + + o regdeleteval + Registry Value Delete + + o regcreateval + Registry Key Create + + o reggetsec + Registry Key Security + + o regtestsec + Test Registry Key Security + +o Printing + + It is possible to use command-line completion (if you have + the GNU readline library) for Printer and job names, by + pressing the tab key. 
+ + o spoolenum + Enumerate Printers + + o spooljobs + Enumerate Printer Jobs + + o spoolopen + Spool Printer Open Test + +o Server + + o time + Display remote time + + o brsinfo + Browser Query Info + + o wksinfo + Workstation Query Info + + o srvinfo + Server Query Info + + o srvsessions + List sessions on a server + + o srvshares + List shares on a server + + o srvtransports + List transports on a server + + o srvconnections + List connections on a server + + o srvfiles + List files on a server + +o Local Security Authority + + o lsaquery + Query Info Policy (domain member or server) + + o lsaenumdomains + Enumerate Trusted Domains + + o lookupsids + Resolve names from SIDs + + o lookupnames + Resolve SIDs from names + + o querysecret + LSA Query Secret (developer use) + +o NETLOGON + + o ntlogin + [username] [password] NT Domain login test + + o domtrust + NT Inter-Domain test + + o samsync + SAM Synchronization Test (experimental) + +o SAM Database + + It is possible to use command-line completion (if you have + the GNU readline library) for user, group, alias and domain + names, by pressing the tab key. + + o lookupdomain + Obtain SID for a local domain + + o enumusers + SAM User Database Query (experimental!) + + o addgroupmem + [user] [user] ... SAM Add Domain Group Member + + o addaliasmem + [member sid1] [member sid2] ... SAM Add Domain Alias Member + + o delgroupmem + [user] [user] ... SAM Delete Domain Group Member + + o delaliasmem + [member sid1] [member sid2] ... SAM Delete Domain Alias Member + + o creategroup + SAM Create Domain Group + + o createalias + SAM Create Domain Alias + + o createuser + SAM Create Domain User + + o delgroup + SAM Delete Domain Group + + o delalias + SAM Delete Domain Alias + + o ntpass + NT SAM Password Change + + o samuserset2 + [-s acb_bits] SAM User Set Info 2 (experimental!) + + o samuserset + [-p password] SAM User Set Info (experimental!) + + o samuser + SAM User Query (experimental!) 
+ + o samgroup + SAM Group Query (experimental!) + + o samalias + SAM Alias Query + + o samaliasmem + SAM Alias Members + + o samgroupmem + SAM Group Members + + o samtest + SAM User Encrypted RPC test (experimental!) + + o enumaliases + SAM Aliases Database Query (experimental!) + + o enumdomains + SAM Domains Database Query (experimental!) + + o enumgroups + SAM Group Database Query (experimental!) + + o dominfo + SAM Query Domain Info + + o dispinfo + SAM Query Display Info + +NOTES + +Some servers are fussy about the case of supplied usernames, +passwords, share names (AKA service names) and machine names. If you +fail to connect try giving all parameters in uppercase. + +It is often necessary to use the -n option when connecting +to some types of servers. For example OS/2 LanManager insists on a valid +NetBIOS name being used, so you need to supply a valid name that would +be known to the server. + +rpcclient only works on servers that support MSRPC over SMB. This includes +all versions of Windows NT, including the ports to Unix such as AS/U and +AFPS. Support for MSRPC over SMB in other servers is currently rare and +patchy, for example Samba 2.0 only supports a limited set of MSRPC commands, +and some of those are not supported very well. + +ENVIRONMENT VARIABLES + +The variable USER may contain the username of the person using the +client. This information is used only if the protocol level is high +enough to support session-level passwords. + +The variable PASSWORD may contain the password of the person using +the client. This information is used only if the protocol level is +high enough to support session-level passwords. + +INSTALLATION + +The location of the client program is a matter for individual system +administrators. The following are thus suggestions only. + +It is recommended that the rpcclient software be installed in the +/usr/local/samba/bin or /usr/samba/bin directory, this directory +readable by all, writeable only by root. 
The client program itself +should be executable by all. The client should NOT be setuid or +setgid! + +The client log files should be put in a directory readable and +writeable only by the user. + +To test the client, you will need to know the name of a running +SMB/CIFS server. It is possible to run smbd (8) +an ordinary user - running that server as a daemon on a +user-accessible port (typically any port number over 1024) would +provide a suitable test server. + +DIAGNOSTICS + +Most diagnostics issued by the client are logged in a specified log +file. The log file name is specified at compile time, but may be +overridden on the command line. + +The number and nature of diagnostics available depends on the debug +level used by the client. If you have problems, set the debug level to +3 and peruse the log files. + +VERSION + +This man page is correct for version 2.0 of the Samba suite. + +BUGS + +o WARNING! +The MSPRC over SMB code has been developed from examining Network traces. +No documentation is available from the original creators (Microsoft) on +how MSRPC over SMB works, or how the individual MSRPC services work. +Microsoft's implementation of these services has been demonstrated (and +reported) to be... a bit flakey in places. + +The development of Samba's implementation of these services is also +a bit rough, and as more of the services are understood, it can even result +in versions of smbd (8) and rpcclient that are +incompatible for some commands or services. Additionally, the developers +are sending reports to Microsoft, and problems found by or reported to +Microsoft are fixed in Service Packs, which may also result in +incompatibilities. + +It is therefore not guaranteed that the execution of an rpcclient command will +work. It is also not guaranteed that the target server will continue to +operate, i.e the execution of an MSRPC command may cause a remote service to +fail, or even cause the remote server to fail. 
Usual rules apply, of course: +the developers bear absolutely no responsibility for the use, misuse, or +lack of use of rpcclient, by any person or persons, whether legal, +illegal, accidental, deliberate, intentional, malicious, curious, etc. + +o Command Completion +Command-completion (available if you have the GNU readline library) used on +certain commands may not operate correctly if the word being completed (such as a registry key) contains a space. Typically, the name will be completed, but +you will have to go back and put quotes round it, yourself. + +o SAM Database command-completion +Command-completion (available if you have the GNU readline library) of user, +group and alias names does not work on remote Domains, which would normally +be specified like this: + +DOMAIN_name\\user_name. + +The only names that can be completed in this fashion are the local names +in the SAM database of the target server. + +AUTHOR + +The original Samba software and related utilities were created by +Andrew Tridgell samba-bugs@samba.org. Samba is now developed +by the Samba Team as an Open Source project similar to the way the +Linux kernel is developed. + +The original Samba man pages were written by Karl Auer. The man page +sources were converted to YODL format (another excellent piece of Open +Source software, available at +ftp://ftp.icce.rug.nl/pub/unix/) +and updated for the Samba2.0 release by Jeremy Allison. This man page +was developed cut-and-paste style from the smbclient man page, by +Luke Kenneth Casson Leighton. +samba-bugs@samba.org. + +See samba (7) to find out how to get a full +list of contributors and details on how to submit bug reports, +comments etc. -- cgit
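Review bot: In the -U option text, the closing caution is a run-on that loses its meaning: "the command line of a running process may be seen via the ps command to be safe always allow rpcclient to prompt for a password" needs a sentence break after "ps command" so that letting rpcclient prompt reads as the recommendation. The same section recommends USER=username%password to keep the password out of the process listing, yet the "Typical usage" example in DESCRIPTION passes -U fred%secret on the command line; consider showing that example without the password or adding a sentence there that points to the prompt. Separately, OPTIONS documents -R name resolve order and -p port but SYNOPSIS lists neither, SYNOPSIS says "-l log basename" where OPTIONS says "-l logfilename", and under Registry the regcreateval entry is described as "Registry Key Create", the same text as regcreatekey, which looks like a copy-paste slip for a value create.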