RPCCLIENT

Samba

August 27, 2000

NAME

rpcclient - developer's tool to testing client side MS-RPC functions

SYNOPSIS

rpcclient [-d debuglevel] [-S server] [-l logbasename] [-n netbios name] [-N] [-m maxprotocol] [-I destIP] [-E] [-U username] [-W workgroup] [-c `command string`] [-t terminalcode] [-i scope] [-O socket options] [-s smb.conf]

DESCRIPTION

rpcclient is a utility for developers for executing various MS-RPC functions. It's primary use is for testing Samba's own MS-RPC server implementation, however many administrators have written scripts around it to manage Windows NT clients from their UNIX workstation.

OPTIONS

-d debuglevel set the debuglevel. Debug level 0 is the lowest and 100 being the highest. This should be set to 100 if you are planning on submitting a bug report to the Samba team (see BUGS.txt).
-S server NetBIOS name of Server to which you wish to connect. The server can be any SMB/CIFS server. The name is resolved using either the "name resolve order = " line or by using the -R option.
-l logbasename File name for log/debug files. .client will be appended. The log file is never removed by the client.
-n netbios name NetBIOS name of the local machine. This option is only needed if your Samba client cannot find it automatically. Samba should use the uppercase of the machine's hostname.
-N tells rpcclient not to ask for a password. rpcclient will prompt the user by default.
-I destIP The IP address of the server specified with the -S option. Only needed when the server's NetBIOS name cannot be resolved using WINS or broadcast and isn't found in the LMHOSTS file.
-E causes regedit to write messages to stderr instead of stdout.
-U username[%pass] Sets the SMB username or username and password. If %pass is not specified, The user will be prompted. The client will first check the USER environment variable, then the LOGNAME variable and if either exist, the string is uppercased. Anything in these variables following a % sign will be treated as the password. If these environmental variables are not found, the username GUEST is used.

If the password is not included in these environment variables (using the %pass syntax), rpcclient will look for a PASSWD environment variable from which to read the password.

A third option is to use a credentials file which contains the plaintext of the username and password. This option is mainly provided for scripts where the admin doesn't desire to pass the credentials on the command line or via environment variables. If this method is used, make certain that the permissions on the file restrict access from unwanted users. See the -A for more details.

Be cautious about including passwords in scripts or in the PASSWD environment variable. Also, on many systems the command line of a running process may be seen via the ps command to be safe always allow smbclient to prompt for a password and type it in directly.
-A <filename> This option allows you to specify a file from which to read the username and password used in the connection. The format of the file is

username = <value>
password = <value>

Make certain that the permissions on the file restrict access from unwanted users.
-W domain Set the SMB domain of the username. This overrides the default domain which is the domain of the server specified with the bt(-S) option. If the domain specified is the same as the server's NetBIOS name, it causes the client to log on using the server's local SAM (as opposed to the Domain SAM).
-P operate in promptless mode. Without this mode (the default) rpcclient displays a prompt of the form '[domain\username@host]$'
-c 'command string' execute semicolon separated commands (listed below))
-t terminalcode This tells the Samba client how to interpret the incoming filenames, in regards to character sets. The list here is not complete. For a complete list see your local Samba source. Some valid options are sjis, euc, jis7, jis8, junet and hex.
-O socket options These socket options are the same as in smb.conf (under the bt(socket options = ) section).
-s smb.conf Specifies the location of the all important smb.conf file.
-i scope Defines the NetBIOS scope. For more information on NetBIOS scopes, see rfc1001 and rfc1002. NetBIOS scopes are rarely used.

COMMANDS

SPOOLSS Commands

spoolenum Execute an EnumPrinters call. This lists the various installed and share printers. Refer to the MS Platform SDK documentation for more details of the various flags and calling options.

spoolenumports <level> Executes an EnumPorts call using the specified info level. Currently only info level 1 and 2 are supported.

spoolenumdata Enumerate all printer setting data stored on the server. On Windows NT clients, these values are stored in the registry, while Samba servers store them in the printers TDB. This command corresponds to the MS Platform SDK EnumPorts function.

spooljobs <printer> List the jobs and status of a given printer. This command corresponds to the MS Platform SDK EnumJobs function.

spoolopen <printer> Execute an OpenPrinterEx() and ClosePrinter() RPC against a given printer.

spoolgetdata Retrive the data for a given printer setting. See the spoolenumdata command for more information. This command corresponds to the GetPrinterData() MS Platform SDK function.

spoolgetprinter <printer> Retrieve the current printer information. This command sorresponds to the GetPrinter() MS Platform SDK function.

spoolgetprinterdriver <printer> Retrive the printer driver information (such as driver file, config file, dependent files, etc...) for the given printer. This command corresponds to the GetPrinterDriver() MS Platform SDK function.

spoolgetprinterdriverdir <arch> Execute a GetPrinterDriverDirectory() RPC to retreive the SMB share name and subdirectory for storing printer driver files for a given architecture. Possible values for <arch> are "Windows 4.0" (for Windows 95/98), "Windows NT x86", "Windows NT PowerPC", "Windows Alpha_AXP", and "Windows NT R4000".

spooladdprinter <printername> <sharename> <drivername> <port> Add a printer on the remote server. This printer will be automatically shared. Be aware that the printer driver must already be installed on the server (see addprinterdriver) and the <port> must be a valid port name.

spooladdprinterdriver <arch> <config> Execute an AddPrinterDriver() RPC to install the printer driver information on the server. Note that the driver files should already exist in the directort returned by spoolgetprinterdriverdir. Possible values for <arch> are the same as those for the spooolgetprintedriverdir command. The <config> parameter is defined as follows:

Any empty fields should be enter as the string "NULL".

Samba does not need to support the concept of Print Monitors since these only apply to local printers whose driver can make use of a bi-directional link for communication. This field should be "NULL". On a remote NT print server, the Print Monitor for a driver must already be installed prior to adding the driver or else the RPC will fail.

General Commands

set Set miscellaneous rpcclient command line options during a running session.

use Connect to a rmeote SMB server. rpcclient has the ability to maintain connections to multiple server simulaneously.

help Print a listing of all known commands or extended help on a particular command.

quit Exit rpcclient.

BUGS

rpcclient is designed as a developer testing tool and may not be robust in certain areas (such as command line parsing). It has been known to generate a core dump upon failures when invalid parameters where passed to the interpreter.

From Luke Leighton's original rpcclient man page: "WARNING! The MSRPC over SMB code has been developed from examining Network traces. No documentation is available from the original creators (Microsoft) on how MSRPC over SMB works, or how the individual MSRPC services work. Microsoft's implementation of these services has been demonstrated (and reported) to be... a bit flakey in places.

The development of Samba's implementation is also a bit rough, and as more of the services are understood, it can even result in versions of smbd(8) and rpcclient that are incompatible for some commands or services. Additionally, the developers are sending reports to Microsoft, and problems found or reported to Microsoft are fixed in Service Packs, which may result in incompatibilities."

AUTHOR

Samba is written by The Samba Team as Open Source. This man page was written by Matthew Geddes, Luke Kenneth Casson, and Gerald Carter.