54
57
use only by developers and generate HUGE amounts of log
55
58
data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
56
59
override the <a class="link" href="smb.conf.5.html#LOGLEVEL" target="_top">log level</a> parameter
57
in the <code class="filename">smb.conf</code> file.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2481566"></a><h2>COMMANDS</h2><div class="refsect2" lang="en"><a name="id2481572"></a><h3>CHANGESECRETPW</h3><p>This command allows the Samba machine account password to be set from an external application
60
in the <code class="filename">smb.conf</code> file.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2481585"></a><h2>COMMANDS</h2><div class="refsect2" lang="en"><a name="id2481591"></a><h3>CHANGESECRETPW</h3><p>This command allows the Samba machine account password to be set from an external application
58
61
to a machine account password that has already been stored in Active Directory. DO NOT USE this command
59
62
unless you know exactly what you are doing. The use of this command requires that the force flag (-f)
60
63
be used also. There will be NO command prompt. Whatever information is piped into stdin, either by
61
64
typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use
62
65
this without care and attention as it will overwrite a legitimate machine password without warning.
63
66
YOU HAVE BEEN WARNED.
64
</p></div><div class="refsect2" lang="en"><a name="id2481593"></a><h3>TIME</h3><p>The <code class="literal">NET TIME</code> command allows you to view the time on a remote server
65
or synchronise the time on the local server with the time on the remote server.</p><div class="refsect3" lang="en"><a name="id2481610"></a><h4>TIME</h4><p>Without any options, the <code class="literal">NET TIME</code> command
67
</p></div><div class="refsect2" lang="en"><a name="id2481612"></a><h3>TIME</h3><p>The <code class="literal">NET TIME</code> command allows you to view the time on a remote server
68
or synchronise the time on the local server with the time on the remote server.</p><div class="refsect3" lang="en"><a name="id2481629"></a><h4>TIME</h4><p>Without any options, the <code class="literal">NET TIME</code> command
66
69
displays the time on the remote server.
67
</p></div><div class="refsect3" lang="en"><a name="id2481626"></a><h4>TIME SYSTEM</h4><p>Displays the time on the remote server in a format ready for <code class="literal">/bin/date</code>.</p></div><div class="refsect3" lang="en"><a name="id2481643"></a><h4>TIME SET</h4><p>Tries to set the date and time of the local server to that on
68
the remote server using <code class="literal">/bin/date</code>. </p></div><div class="refsect3" lang="en"><a name="id2481661"></a><h4>TIME ZONE</h4><p>Displays the timezone in hours from GMT on the remote computer.</p></div></div><div class="refsect2" lang="en"><a name="id2481673"></a><h3>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</h3><p>
70
</p></div><div class="refsect3" lang="en"><a name="id2481645"></a><h4>TIME SYSTEM</h4><p>Displays the time on the remote server in a format ready for <code class="literal">/bin/date</code>.</p></div><div class="refsect3" lang="en"><a name="id2481662"></a><h4>TIME SET</h4><p>Tries to set the date and time of the local server to that on
71
the remote server using <code class="literal">/bin/date</code>. </p></div><div class="refsect3" lang="en"><a name="id2481680"></a><h4>TIME ZONE</h4><p>Displays the timezone in hours from GMT on the remote computer.</p></div></div><div class="refsect2" lang="en"><a name="id2481692"></a><h3>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</h3><p>
69
72
Join a domain. If the account already exists on the server, and
70
73
[TYPE] is MEMBER, the machine will attempt to join automatically.
71
74
(Assuming that the machine has been created in server manager)
82
85
a '/'. Please note that '\' is used for escape by both the shell
83
86
and ldap, so it may need to be doubled or quadrupled to pass through,
84
87
and it is not used as a delimiter.
85
</p></div><div class="refsect2" lang="en"><a name="id2481707"></a><h3>[RPC] OLDJOIN [options]</h3><p>Join a domain. Use the OLDJOIN option to join the domain
88
</p></div><div class="refsect2" lang="en"><a name="id2481726"></a><h3>[RPC] OLDJOIN [options]</h3><p>Join a domain. Use the OLDJOIN option to join the domain
86
89
using the old style of domain joining - you need to create a trust
87
account in server manager first.</p></div><div class="refsect2" lang="en"><a name="id2481720"></a><h3>[RPC|ADS] USER</h3><div class="refsect3" lang="en"><a name="id2481726"></a><h4>[RPC|ADS] USER</h4><p>List all users</p></div><div class="refsect3" lang="en"><a name="id2481736"></a><h4>[RPC|ADS] USER DELETE <em class="replaceable"><code>target</code></em></h4><p>Delete specified user</p></div><div class="refsect3" lang="en"><a name="id2481748"></a><h4>[RPC|ADS] USER INFO <em class="replaceable"><code>target</code></em></h4><p>List the domain groups of the specified user.</p></div><div class="refsect3" lang="en"><a name="id2481761"></a><h4>[RPC|ADS] USER RENAME <em class="replaceable"><code>oldname</code></em> <em class="replaceable"><code>newname</code></em></h4><p>Rename specified user.</p></div><div class="refsect3" lang="en"><a name="id2481776"></a><h4>[RPC|ADS] USER ADD <em class="replaceable"><code>name</code></em> [password] [-F user flags] [-C comment]</h4><p>Add specified user.</p></div></div><div class="refsect2" lang="en"><a name="id2481791"></a><h3>[RPC|ADS] GROUP</h3><div class="refsect3" lang="en"><a name="id2481797"></a><h4>[RPC|ADS] GROUP [misc options] [targets]</h4><p>List user groups.</p></div><div class="refsect3" lang="en"><a name="id2481808"></a><h4>[RPC|ADS] GROUP DELETE <em class="replaceable"><code>name</code></em> [misc. options]</h4><p>Delete specified group.</p></div><div class="refsect3" lang="en"><a name="id2481821"></a><h4>[RPC|ADS] GROUP ADD <em class="replaceable"><code>name</code></em> [-C comment]</h4><p>Create specified group.</p></div></div><div class="refsect2" lang="en"><a name="id2481836"></a><h3>[RAP|RPC] SHARE</h3><div class="refsect3" lang="en"><a name="id2481842"></a><h4>[RAP|RPC] SHARE [misc. options] [targets]</h4><p>Enumerates all exported resources (network shares) on target server.</p></div><div class="refsect3" lang="en"><a name="id2481853"></a><h4>[RAP|RPC] SHARE ADD <em class="replaceable"><code>name=serverpath</code></em> [-C comment] [-M maxusers] [targets]</h4><p>Adds a share from a server (makes the export active). Maxusers
90
account in server manager first.</p></div><div class="refsect2" lang="en"><a name="id2481739"></a><h3>[RPC|ADS] USER</h3><div class="refsect3" lang="en"><a name="id2481744"></a><h4>[RPC|ADS] USER</h4><p>List all users</p></div><div class="refsect3" lang="en"><a name="id2481755"></a><h4>[RPC|ADS] USER DELETE <em class="replaceable"><code>target</code></em></h4><p>Delete specified user</p></div><div class="refsect3" lang="en"><a name="id2481767"></a><h4>[RPC|ADS] USER INFO <em class="replaceable"><code>target</code></em></h4><p>List the domain groups of the specified user.</p></div><div class="refsect3" lang="en"><a name="id2481780"></a><h4>[RPC|ADS] USER RENAME <em class="replaceable"><code>oldname</code></em> <em class="replaceable"><code>newname</code></em></h4><p>Rename specified user.</p></div><div class="refsect3" lang="en"><a name="id2481795"></a><h4>[RPC|ADS] USER ADD <em class="replaceable"><code>name</code></em> [password] [-F user flags] [-C comment]</h4><p>Add specified user.</p></div></div><div class="refsect2" lang="en"><a name="id2481810"></a><h3>[RPC|ADS] GROUP</h3><div class="refsect3" lang="en"><a name="id2481816"></a><h4>[RPC|ADS] GROUP [misc options] [targets]</h4><p>List user groups.</p></div><div class="refsect3" lang="en"><a name="id2481827"></a><h4>[RPC|ADS] GROUP DELETE <em class="replaceable"><code>name</code></em> [misc. options]</h4><p>Delete specified group.</p></div><div class="refsect3" lang="en"><a name="id2481840"></a><h4>[RPC|ADS] GROUP ADD <em class="replaceable"><code>name</code></em> [-C comment]</h4><p>Create specified group.</p></div></div><div class="refsect2" lang="en"><a name="id2481855"></a><h3>[RAP|RPC] SHARE</h3><div class="refsect3" lang="en"><a name="id2481860"></a><h4>[RAP|RPC] SHARE [misc. options] [targets]</h4><p>Enumerates all exported resources (network shares) on target server.</p></div><div class="refsect3" lang="en"><a name="id2481872"></a><h4>[RAP|RPC] SHARE ADD <em class="replaceable"><code>name=serverpath</code></em> [-C comment] [-M maxusers] [targets]</h4><p>Adds a share from a server (makes the export active). Maxusers
88
91
specifies the number of users that can be connected to the
89
share simultaneously.</p></div><div class="refsect3" lang="en"><a name="id2481870"></a><h4>SHARE DELETE <em class="replaceable"><code>sharename</code></em></h4><p>Delete specified share.</p></div></div><div class="refsect2" lang="en"><a name="id2481883"></a><h3>[RPC|RAP] FILE</h3><div class="refsect3" lang="en"><a name="id2481889"></a><h4>[RPC|RAP] FILE</h4><p>List all open files on remote server.</p></div><div class="refsect3" lang="en"><a name="id2481900"></a><h4>[RPC|RAP] FILE CLOSE <em class="replaceable"><code>fileid</code></em></h4><p>Close file with specified <em class="replaceable"><code>fileid</code></em> on
90
remote server.</p></div><div class="refsect3" lang="en"><a name="id2481916"></a><h4>[RPC|RAP] FILE INFO <em class="replaceable"><code>fileid</code></em></h4><p>
92
share simultaneously.</p></div><div class="refsect3" lang="en"><a name="id2481889"></a><h4>SHARE DELETE <em class="replaceable"><code>sharename</code></em></h4><p>Delete specified share.</p></div></div><div class="refsect2" lang="en"><a name="id2481902"></a><h3>[RPC|RAP] FILE</h3><div class="refsect3" lang="en"><a name="id2481908"></a><h4>[RPC|RAP] FILE</h4><p>List all open files on remote server.</p></div><div class="refsect3" lang="en"><a name="id2481919"></a><h4>[RPC|RAP] FILE CLOSE <em class="replaceable"><code>fileid</code></em></h4><p>Close file with specified <em class="replaceable"><code>fileid</code></em> on
93
remote server.</p></div><div class="refsect3" lang="en"><a name="id2481935"></a><h4>[RPC|RAP] FILE INFO <em class="replaceable"><code>fileid</code></em></h4><p>
91
94
Print information on specified <em class="replaceable"><code>fileid</code></em>.
92
95
Currently listed are: file-id, username, locks, path, permissions.
93
</p></div><div class="refsect3" lang="en"><a name="id2481932"></a><h4>[RAP|RPC] FILE USER <em class="replaceable"><code>user</code></em></h4><p>
96
</p></div><div class="refsect3" lang="en"><a name="id2481951"></a><h4>[RAP|RPC] FILE USER <em class="replaceable"><code>user</code></em></h4><p>
94
97
List files opened by specified <em class="replaceable"><code>user</code></em>.
95
98
Please note that <code class="literal">net rap file user</code> does not work
96
99
against Samba servers.
97
</p></div></div><div class="refsect2" lang="en"><a name="id2481956"></a><h3>SESSION</h3><div class="refsect3" lang="en"><a name="id2481962"></a><h4>RAP SESSION</h4><p>Without any other options, SESSION enumerates all active SMB/CIFS
98
sessions on the target server.</p></div><div class="refsect3" lang="en"><a name="id2481973"></a><h4>RAP SESSION DELETE|CLOSE <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Close the specified sessions.</p></div><div class="refsect3" lang="en"><a name="id2481985"></a><h4>RAP SESSION INFO <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Give a list with all the open files in specified session.</p></div></div><div class="refsect2" lang="en"><a name="id2482000"></a><h3>RAP SERVER <em class="replaceable"><code>DOMAIN</code></em></h3><p>List all servers in specified domain or workgroup. Defaults
99
to local domain.</p></div><div class="refsect2" lang="en"><a name="id2482014"></a><h3>RAP DOMAIN</h3><p>Lists all domains and workgroups visible on the
100
current network.</p></div><div class="refsect2" lang="en"><a name="id2482025"></a><h3>RAP PRINTQ</h3><div class="refsect3" lang="en"><a name="id2482030"></a><h4>RAP PRINTQ INFO <em class="replaceable"><code>QUEUE_NAME</code></em></h4><p>Lists the specified print queue and print jobs on the server.
100
</p></div></div><div class="refsect2" lang="en"><a name="id2481975"></a><h3>SESSION</h3><div class="refsect3" lang="en"><a name="id2481981"></a><h4>RAP SESSION</h4><p>Without any other options, SESSION enumerates all active SMB/CIFS
101
sessions on the target server.</p></div><div class="refsect3" lang="en"><a name="id2481992"></a><h4>RAP SESSION DELETE|CLOSE <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Close the specified sessions.</p></div><div class="refsect3" lang="en"><a name="id2482004"></a><h4>RAP SESSION INFO <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Give a list with all the open files in specified session.</p></div></div><div class="refsect2" lang="en"><a name="id2482019"></a><h3>RAP SERVER <em class="replaceable"><code>DOMAIN</code></em></h3><p>List all servers in specified domain or workgroup. Defaults
102
to local domain.</p></div><div class="refsect2" lang="en"><a name="id2482032"></a><h3>RAP DOMAIN</h3><p>Lists all domains and workgroups visible on the
103
current network.</p></div><div class="refsect2" lang="en"><a name="id2482044"></a><h3>RAP PRINTQ</h3><div class="refsect3" lang="en"><a name="id2482049"></a><h4>RAP PRINTQ INFO <em class="replaceable"><code>QUEUE_NAME</code></em></h4><p>Lists the specified print queue and print jobs on the server.
101
104
If the <em class="replaceable"><code>QUEUE_NAME</code></em> is omitted, all
102
queues are listed.</p></div><div class="refsect3" lang="en"><a name="id2482048"></a><h4>RAP PRINTQ DELETE <em class="replaceable"><code>JOBID</code></em></h4><p>Delete job with specified id.</p></div></div><div class="refsect2" lang="en"><a name="id2532525"></a><h3>RAP VALIDATE <em class="replaceable"><code>user</code></em> [<em class="replaceable"><code>password</code></em>]</h3><p>
105
queues are listed.</p></div><div class="refsect3" lang="en"><a name="id2532530"></a><h4>RAP PRINTQ DELETE <em class="replaceable"><code>JOBID</code></em></h4><p>Delete job with specified id.</p></div></div><div class="refsect2" lang="en"><a name="id2532543"></a><h3>RAP VALIDATE <em class="replaceable"><code>user</code></em> [<em class="replaceable"><code>password</code></em>]</h3><p>
103
106
Validate whether the specified user can log in to the
104
107
remote server. If the password is not specified on the commandline, it
105
108
will be prompted.
106
</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id2532548"></a><h3>RAP GROUPMEMBER</h3><div class="refsect3" lang="en"><a name="id2532553"></a><h4>RAP GROUPMEMBER LIST <em class="replaceable"><code>GROUP</code></em></h4><p>List all members of the specified group.</p></div><div class="refsect3" lang="en"><a name="id2532566"></a><h4>RAP GROUPMEMBER DELETE <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Delete member from group.</p></div><div class="refsect3" lang="en"><a name="id2532581"></a><h4>RAP GROUPMEMBER ADD <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Add member to group.</p></div></div><div class="refsect2" lang="en"><a name="id2532597"></a><h3>RAP ADMIN <em class="replaceable"><code>command</code></em></h3><p>Execute the specified <em class="replaceable"><code>command</code></em> on
109
</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id2532566"></a><h3>RAP GROUPMEMBER</h3><div class="refsect3" lang="en"><a name="id2532571"></a><h4>RAP GROUPMEMBER LIST <em class="replaceable"><code>GROUP</code></em></h4><p>List all members of the specified group.</p></div><div class="refsect3" lang="en"><a name="id2532584"></a><h4>RAP GROUPMEMBER DELETE <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Delete member from group.</p></div><div class="refsect3" lang="en"><a name="id2532599"></a><h4>RAP GROUPMEMBER ADD <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Add member to group.</p></div></div><div class="refsect2" lang="en"><a name="id2532615"></a><h3>RAP ADMIN <em class="replaceable"><code>command</code></em></h3><p>Execute the specified <em class="replaceable"><code>command</code></em> on
107
110
the remote server. Only works with OS/2 servers.
108
</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id2532617"></a><h3>RAP SERVICE</h3><div class="refsect3" lang="en"><a name="id2532622"></a><h4>RAP SERVICE START <em class="replaceable"><code>NAME</code></em> [arguments...]</h4><p>Start the specified service on the remote server. Not implemented yet.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect3" lang="en"><a name="id2532641"></a><h4>RAP SERVICE STOP</h4><p>Stop the specified service on the remote server.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div></div><div class="refsect2" lang="en"><a name="id2532657"></a><h3>RAP PASSWORD <em class="replaceable"><code>USER</code></em> <em class="replaceable"><code>OLDPASS</code></em> <em class="replaceable"><code>NEWPASS</code></em></h3><p>
111
</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id2532635"></a><h3>RAP SERVICE</h3><div class="refsect3" lang="en"><a name="id2532640"></a><h4>RAP SERVICE START <em class="replaceable"><code>NAME</code></em> [arguments...]</h4><p>Start the specified service on the remote server. Not implemented yet.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect3" lang="en"><a name="id2532659"></a><h4>RAP SERVICE STOP</h4><p>Stop the specified service on the remote server.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div></div><div class="refsect2" lang="en"><a name="id2532675"></a><h3>RAP PASSWORD <em class="replaceable"><code>USER</code></em> <em class="replaceable"><code>OLDPASS</code></em> <em class="replaceable"><code>NEWPASS</code></em></h3><p>
109
112
Change password of <em class="replaceable"><code>USER</code></em> from <em class="replaceable"><code>OLDPASS</code></em> to <em class="replaceable"><code>NEWPASS</code></em>.
110
</p></div><div class="refsect2" lang="en"><a name="id2532684"></a><h3>LOOKUP</h3><div class="refsect3" lang="en"><a name="id2532690"></a><h4>LOOKUP HOST <em class="replaceable"><code>HOSTNAME</code></em> [<em class="replaceable"><code>TYPE</code></em>]</h4><p>
113
</p></div><div class="refsect2" lang="en"><a name="id2532702"></a><h3>LOOKUP</h3><div class="refsect3" lang="en"><a name="id2532708"></a><h4>LOOKUP HOST <em class="replaceable"><code>HOSTNAME</code></em> [<em class="replaceable"><code>TYPE</code></em>]</h4><p>
111
114
Lookup the IP address of the given host with the specified type (netbios suffix).
112
115
The type defaults to 0x20 (workstation).
113
</p></div><div class="refsect3" lang="en"><a name="id2532708"></a><h4>LOOKUP LDAP [<em class="replaceable"><code>DOMAIN</code></em>]</h4><p>Give IP address of LDAP server of specified <em class="replaceable"><code>DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id2532725"></a><h4>LOOKUP KDC [<em class="replaceable"><code>REALM</code></em>]</h4><p>Give IP address of KDC for the specified <em class="replaceable"><code>REALM</code></em>.
114
Defaults to local realm.</p></div><div class="refsect3" lang="en"><a name="id2532742"></a><h4>LOOKUP DC [<em class="replaceable"><code>DOMAIN</code></em>]</h4><p>Give IP's of Domain Controllers for specified <em class="replaceable"><code>
115
DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id2532759"></a><h4>LOOKUP MASTER <em class="replaceable"><code>DOMAIN</code></em></h4><p>Give IP of master browser for specified <em class="replaceable"><code>DOMAIN</code></em>
116
or workgroup. Defaults to local domain.</p></div></div><div class="refsect2" lang="en"><a name="id2532776"></a><h3>CACHE</h3><p>Samba uses a general caching interface called 'gencache'. It
116
</p></div><div class="refsect3" lang="en"><a name="id2532726"></a><h4>LOOKUP LDAP [<em class="replaceable"><code>DOMAIN</code></em>]</h4><p>Give IP address of LDAP server of specified <em class="replaceable"><code>DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id2532743"></a><h4>LOOKUP KDC [<em class="replaceable"><code>REALM</code></em>]</h4><p>Give IP address of KDC for the specified <em class="replaceable"><code>REALM</code></em>.
117
Defaults to local realm.</p></div><div class="refsect3" lang="en"><a name="id2532760"></a><h4>LOOKUP DC [<em class="replaceable"><code>DOMAIN</code></em>]</h4><p>Give IP's of Domain Controllers for specified <em class="replaceable"><code>
118
DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id2532777"></a><h4>LOOKUP MASTER <em class="replaceable"><code>DOMAIN</code></em></h4><p>Give IP of master browser for specified <em class="replaceable"><code>DOMAIN</code></em>
119
or workgroup. Defaults to local domain.</p></div></div><div class="refsect2" lang="en"><a name="id2532794"></a><h3>CACHE</h3><p>Samba uses a general caching interface called 'gencache'. It
117
120
can be controlled using 'NET CACHE'.</p><p>All the timeout parameters support the suffixes:
119
122
</p><table class="simplelist" border="0" summary="Simple list"><tr><td>s - Seconds</td></tr><tr><td>m - Minutes</td></tr><tr><td>h - Hours</td></tr><tr><td>d - Days</td></tr><tr><td>w - Weeks</td></tr></table><p>
121
</p><div class="refsect3" lang="en"><a name="id2532812"></a><h4>CACHE ADD <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Add specified key+data to the cache with the given timeout.</p></div><div class="refsect3" lang="en"><a name="id2532831"></a><h4>CACHE DEL <em class="replaceable"><code>key</code></em></h4><p>Delete key from the cache.</p></div><div class="refsect3" lang="en"><a name="id2532843"></a><h4>CACHE SET <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Update data of existing cache entry.</p></div><div class="refsect3" lang="en"><a name="id2532862"></a><h4>CACHE SEARCH <em class="replaceable"><code>PATTERN</code></em></h4><p>Search for the specified pattern in the cache data.</p></div><div class="refsect3" lang="en"><a name="id2532874"></a><h4>CACHE LIST</h4><p>
124
</p><div class="refsect3" lang="en"><a name="id2532830"></a><h4>CACHE ADD <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Add specified key+data to the cache with the given timeout.</p></div><div class="refsect3" lang="en"><a name="id2532849"></a><h4>CACHE DEL <em class="replaceable"><code>key</code></em></h4><p>Delete key from the cache.</p></div><div class="refsect3" lang="en"><a name="id2532861"></a><h4>CACHE SET <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Update data of existing cache entry.</p></div><div class="refsect3" lang="en"><a name="id2532880"></a><h4>CACHE SEARCH <em class="replaceable"><code>PATTERN</code></em></h4><p>Search for the specified pattern in the cache data.</p></div><div class="refsect3" lang="en"><a name="id2532892"></a><h4>CACHE LIST</h4><p>
122
125
List all current items in the cache.
123
</p></div><div class="refsect3" lang="en"><a name="id2532885"></a><h4>CACHE FLUSH</h4><p>Remove all the current items from the cache.</p></div></div><div class="refsect2" lang="en"><a name="id2532896"></a><h3>GETLOCALSID [DOMAIN]</h3><p>Prints the SID of the specified domain, or if the parameter is
124
omitted, the SID of the local server.</p></div><div class="refsect2" lang="en"><a name="id2532908"></a><h3>SETLOCALSID S-1-5-21-x-y-z</h3><p>Sets SID for the local server to the specified SID.</p></div><div class="refsect2" lang="en"><a name="id2532918"></a><h3>GETDOMAINSID</h3><p>Prints the local machine SID and the SID of the current
125
domain.</p></div><div class="refsect2" lang="en"><a name="id2532929"></a><h3>SETDOMAINSID</h3><p>Sets the SID of the current domain.</p></div><div class="refsect2" lang="en"><a name="id2532939"></a><h3>GROUPMAP</h3><p>Manage the mappings between Windows group SIDs and UNIX groups.
126
</p></div><div class="refsect3" lang="en"><a name="id2532903"></a><h4>CACHE FLUSH</h4><p>Remove all the current items from the cache.</p></div></div><div class="refsect2" lang="en"><a name="id2532914"></a><h3>GETLOCALSID [DOMAIN]</h3><p>Prints the SID of the specified domain, or if the parameter is
127
omitted, the SID of the local server.</p></div><div class="refsect2" lang="en"><a name="id2532926"></a><h3>SETLOCALSID S-1-5-21-x-y-z</h3><p>Sets SID for the local server to the specified SID.</p></div><div class="refsect2" lang="en"><a name="id2532936"></a><h3>GETDOMAINSID</h3><p>Prints the local machine SID and the SID of the current
128
domain.</p></div><div class="refsect2" lang="en"><a name="id2532947"></a><h3>SETDOMAINSID</h3><p>Sets the SID of the current domain.</p></div><div class="refsect2" lang="en"><a name="id2532957"></a><h3>GROUPMAP</h3><p>Manage the mappings between Windows group SIDs and UNIX groups.
126
129
Common options include:</p><div class="itemizedlist"><ul type="disc"><li><p>unixgroup - Name of the UNIX group</p></li><li><p>ntgroup - Name of the Windows NT group (must be
127
130
resolvable to a SID</p></li><li><p>rid - Unsigned 32-bit integer</p></li><li><p>sid - Full SID in the form of "S-1-..."</p></li><li><p>type - Type of the group; either 'domain', 'local',
128
or 'builtin'</p></li><li><p>comment - Freeform text description of the group</p></li></ul></div><div class="refsect3" lang="en"><a name="id2532982"></a><h4>GROUPMAP ADD</h4><p>
131
or 'builtin'</p></li><li><p>comment - Freeform text description of the group</p></li></ul></div><div class="refsect3" lang="en"><a name="id2533000"></a><h4>GROUPMAP ADD</h4><p>
129
132
Add a new group mapping entry:
130
133
</p><pre class="programlisting">
131
134
net groupmap add {rid=int|sid=string} unixgroup=string \
132
135
[type={domain|local}] [ntgroup=string] [comment=string]
134
</p></div><div class="refsect3" lang="en"><a name="id2532999"></a><h4>GROUPMAP DELETE</h4><p>Delete a group mapping entry. If more than one group name matches, the first entry found is deleted.</p><p>net groupmap delete {ntgroup=string|sid=SID}</p></div><div class="refsect3" lang="en"><a name="id2533014"></a><h4>GROUPMAP MODIFY</h4><p>Update en existing group entry.</p><p>
137
</p></div><div class="refsect3" lang="en"><a name="id2533017"></a><h4>GROUPMAP DELETE</h4><p>Delete a group mapping entry. If more than one group name matches, the first entry found is deleted.</p><p>net groupmap delete {ntgroup=string|sid=SID}</p></div><div class="refsect3" lang="en"><a name="id2533032"></a><h4>GROUPMAP MODIFY</h4><p>Update en existing group entry.</p><p>
135
138
</p><pre class="programlisting">
136
139
net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \
137
140
[comment=string] [type={domain|local}]
139
</p></div><div class="refsect3" lang="en"><a name="id2533034"></a><h4>GROUPMAP LIST</h4><p>List existing group mapping entries.</p><p>net groupmap list [verbose] [ntgroup=string] [sid=SID]</p></div></div><div class="refsect2" lang="en"><a name="id2533050"></a><h3>MAXRID</h3><p>Prints out the highest RID currently in use on the local
142
</p></div><div class="refsect3" lang="en"><a name="id2533052"></a><h4>GROUPMAP LIST</h4><p>List existing group mapping entries.</p><p>net groupmap list [verbose] [ntgroup=string] [sid=SID]</p></div></div><div class="refsect2" lang="en"><a name="id2533068"></a><h3>MAXRID</h3><p>Prints out the highest RID currently in use on the local
140
143
server (by the active 'passdb backend').
141
</p></div><div class="refsect2" lang="en"><a name="id2533061"></a><h3>RPC INFO</h3><p>Print information about the domain of the remote server,
144
</p></div><div class="refsect2" lang="en"><a name="id2533080"></a><h3>RPC INFO</h3><p>Print information about the domain of the remote server,
142
145
such as domain name, domain sid and number of users and groups.
143
</p></div><div class="refsect2" lang="en"><a name="id2533073"></a><h3>[RPC|ADS] TESTJOIN</h3><p>Check whether participation in a domain is still valid.</p></div><div class="refsect2" lang="en"><a name="id2533084"></a><h3>[RPC|ADS] CHANGETRUSTPW</h3><p>Force change of domain trust password.</p></div><div class="refsect2" lang="en"><a name="id2533094"></a><h3>RPC TRUSTDOM</h3><div class="refsect3" lang="en"><a name="id2533100"></a><h4>RPC TRUSTDOM ADD <em class="replaceable"><code>DOMAIN</code></em></h4><p>Add a interdomain trust account for <em class="replaceable"><code>DOMAIN</code></em>.
146
</p></div><div class="refsect2" lang="en"><a name="id2533091"></a><h3>[RPC|ADS] TESTJOIN</h3><p>Check whether participation in a domain is still valid.</p></div><div class="refsect2" lang="en"><a name="id2533102"></a><h3>[RPC|ADS] CHANGETRUSTPW</h3><p>Force change of domain trust password.</p></div><div class="refsect2" lang="en"><a name="id2533112"></a><h3>RPC TRUSTDOM</h3><div class="refsect3" lang="en"><a name="id2533118"></a><h4>RPC TRUSTDOM ADD <em class="replaceable"><code>DOMAIN</code></em></h4><p>Add a interdomain trust account for <em class="replaceable"><code>DOMAIN</code></em>.
144
147
This is in fact a Samba account named <em class="replaceable"><code>DOMAIN$</code></em>
145
148
with the account flag <code class="constant">'I'</code> (interdomain trust account).
146
149
If the command is used against localhost it has the same effect as
147
150
<code class="literal">smbpasswd -a -i DOMAIN</code>. Please note that both commands
148
151
expect a appropriate UNIX account.
149
</p></div><div class="refsect3" lang="en"><a name="id2533131"></a><h4>RPC TRUSTDOM DEL <em class="replaceable"><code>DOMAIN</code></em></h4><p>Remove interdomain trust account for
152
</p></div><div class="refsect3" lang="en"><a name="id2533149"></a><h4>RPC TRUSTDOM DEL <em class="replaceable"><code>DOMAIN</code></em></h4><p>Remove interdomain trust account for
150
153
<em class="replaceable"><code>DOMAIN</code></em>. If it is used against localhost
151
154
it has the same effect as <code class="literal">smbpasswd -x DOMAIN$</code>.
152
</p></div><div class="refsect3" lang="en"><a name="id2533153"></a><h4>RPC TRUSTDOM ESTABLISH <em class="replaceable"><code>DOMAIN</code></em></h4><p>
155
</p></div><div class="refsect3" lang="en"><a name="id2533171"></a><h4>RPC TRUSTDOM ESTABLISH <em class="replaceable"><code>DOMAIN</code></em></h4><p>
153
156
Establish a trust relationship to a trusting domain.
154
157
Interdomain account must already be created on the remote PDC.
155
</p></div><div class="refsect3" lang="en"><a name="id2533167"></a><h4>RPC TRUSTDOM REVOKE <em class="replaceable"><code>DOMAIN</code></em></h4><p>Abandon relationship to trusted domain</p></div><div class="refsect3" lang="en"><a name="id2533179"></a><h4>RPC TRUSTDOM LIST</h4><p>List all current interdomain trust relationships.</p></div><div class="refsect3" lang="en"><a name="id2533190"></a><h4>RPC RIGHTS</h4><p>This subcommand is used to view and manage Samba's rights assignments (also
158
</p></div><div class="refsect3" lang="en"><a name="id2533185"></a><h4>RPC TRUSTDOM REVOKE <em class="replaceable"><code>DOMAIN</code></em></h4><p>Abandon relationship to trusted domain</p></div><div class="refsect3" lang="en"><a name="id2533197"></a><h4>RPC TRUSTDOM LIST</h4><p>List all current interdomain trust relationships.</p></div><div class="refsect3" lang="en"><a name="id2533208"></a><h4>RPC RIGHTS</h4><p>This subcommand is used to view and manage Samba's rights assignments (also
156
159
referred to as privileges). There are three options currently available:
157
160
<em class="parameter"><code>list</code></em>, <em class="parameter"><code>grant</code></em>, and
158
161
<em class="parameter"><code>revoke</code></em>. More details on Samba's privilege model and its use
159
can be found in the Samba-HOWTO-Collection.</p></div></div><div class="refsect2" lang="en"><a name="id2533220"></a><h3>RPC ABORTSHUTDOWN</h3><p>Abort the shutdown of a remote server.</p></div><div class="refsect2" lang="en"><a name="id2533231"></a><h3>RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]</h3><p>Shut down the remote server.</p><div class="variablelist"><dl><dt><span class="term">-r</span></dt><dd><p>
162
can be found in the Samba-HOWTO-Collection.</p></div></div><div class="refsect2" lang="en"><a name="id2533239"></a><h3>RPC ABORTSHUTDOWN</h3><p>Abort the shutdown of a remote server.</p></div><div class="refsect2" lang="en"><a name="id2533249"></a><h3>RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]</h3><p>Shut down the remote server.</p><div class="variablelist"><dl><dt><span class="term">-r</span></dt><dd><p>
160
163
Reboot after shutdown.
161
164
</p></dd><dt><span class="term">-f</span></dt><dd><p>
162
165
Force shutting down all applications.
164
167
Timeout before system will be shut down. An interactive
165
168
user of the system can use this time to cancel the shutdown.
166
169
</p></dd><dt><span class="term">-C message</span></dt><dd><p>Display the specified message on the screen to
167
announce the shutdown.</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id2533292"></a><h3>RPC SAMDUMP</h3><p>Print out sam database of remote server. You need
168
to run this against the PDC, from a Samba machine joined as a BDC. </p></div><div class="refsect2" lang="en"><a name="id2533303"></a><h3>RPC VAMPIRE</h3><p>Export users, aliases and groups from remote server to
170
announce the shutdown.</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id2533310"></a><h3>RPC SAMDUMP</h3><p>Print out sam database of remote server. You need
171
to run this against the PDC, from a Samba machine joined as a BDC. </p></div><div class="refsect2" lang="en"><a name="id2533321"></a><h3>RPC VAMPIRE</h3><p>Export users, aliases and groups from remote server to
169
172
local server. You need to run this against the PDC, from a Samba machine joined as a BDC.
170
</p></div><div class="refsect2" lang="en"><a name="id2533316"></a><h3>RPC VAMPIRE KEYTAB</h3><p>Dump remote SAM database to local Kerberos keytab file.
171
</p></div><div class="refsect2" lang="en"><a name="id2533326"></a><h3>RPC VAMPIRE LDIF</h3><p>Dump remote SAM database to local LDIF file or standard output.
172
</p></div><div class="refsect2" lang="en"><a name="id2533337"></a><h3>RPC GETSID</h3><p>Fetch domain SID and store it in the local <code class="filename">secrets.tdb</code>. </p></div><div class="refsect2" lang="en"><a name="id2533353"></a><h3>ADS LEAVE</h3><p>Make the remote host leave the domain it is part of. </p></div><div class="refsect2" lang="en"><a name="id2533363"></a><h3>ADS STATUS</h3><p>Print out status of machine account of the local machine in ADS.
173
</p></div><div class="refsect2" lang="en"><a name="id2533334"></a><h3>RPC VAMPIRE KEYTAB</h3><p>Dump remote SAM database to local Kerberos keytab file.
174
</p></div><div class="refsect2" lang="en"><a name="id2533344"></a><h3>RPC VAMPIRE LDIF</h3><p>Dump remote SAM database to local LDIF file or standard output.
175
</p></div><div class="refsect2" lang="en"><a name="id2533355"></a><h3>RPC GETSID</h3><p>Fetch domain SID and store it in the local <code class="filename">secrets.tdb</code>. </p></div><div class="refsect2" lang="en"><a name="id2533371"></a><h3>ADS LEAVE</h3><p>Make the remote host leave the domain it is part of. </p></div><div class="refsect2" lang="en"><a name="id2533381"></a><h3>ADS STATUS</h3><p>Print out status of machine account of the local machine in ADS.
173
176
Prints out quite some debug info. Aimed at developers, regular
174
users should use <code class="literal">NET ADS TESTJOIN</code>.</p></div><div class="refsect2" lang="en"><a name="id2533381"></a><h3>ADS PRINTER</h3><div class="refsect3" lang="en"><a name="id2533386"></a><h4>ADS PRINTER INFO [<em class="replaceable"><code>PRINTER</code></em>] [<em class="replaceable"><code>SERVER</code></em>]</h4><p>
177
users should use <code class="literal">NET ADS TESTJOIN</code>.</p></div><div class="refsect2" lang="en"><a name="id2533399"></a><h3>ADS PRINTER</h3><div class="refsect3" lang="en"><a name="id2533404"></a><h4>ADS PRINTER INFO [<em class="replaceable"><code>PRINTER</code></em>] [<em class="replaceable"><code>SERVER</code></em>]</h4><p>
175
178
Lookup info for <em class="replaceable"><code>PRINTER</code></em> on <em class="replaceable"><code>SERVER</code></em>. The printer name defaults to "*", the
176
server name defaults to the local host.</p></div><div class="refsect3" lang="en"><a name="id2533410"></a><h4>ADS PRINTER PUBLISH <em class="replaceable"><code>PRINTER</code></em></h4><p>Publish specified printer using ADS.</p></div><div class="refsect3" lang="en"><a name="id2533422"></a><h4>ADS PRINTER REMOVE <em class="replaceable"><code>PRINTER</code></em></h4><p>Remove specified printer from ADS directory.</p></div></div><div class="refsect2" lang="en"><a name="id2533436"></a><h3>ADS SEARCH <em class="replaceable"><code>EXPRESSION</code></em> <em class="replaceable"><code>ATTRIBUTES...</code></em></h3><p>Perform a raw LDAP search on a ADS server and dump the results. The
179
server name defaults to the local host.</p></div><div class="refsect3" lang="en"><a name="id2533428"></a><h4>ADS PRINTER PUBLISH <em class="replaceable"><code>PRINTER</code></em></h4><p>Publish specified printer using ADS.</p></div><div class="refsect3" lang="en"><a name="id2533440"></a><h4>ADS PRINTER REMOVE <em class="replaceable"><code>PRINTER</code></em></h4><p>Remove specified printer from ADS directory.</p></div></div><div class="refsect2" lang="en"><a name="id2533454"></a><h3>ADS SEARCH <em class="replaceable"><code>EXPRESSION</code></em> <em class="replaceable"><code>ATTRIBUTES...</code></em></h3><p>Perform a raw LDAP search on a ADS server and dump the results. The
177
180
expression is a standard LDAP search expression, and the
178
181
attributes are a list of LDAP fields to show in the results.</p><p>Example: <strong class="userinput"><code>net ads search '(objectCategory=group)' sAMAccountName</code></strong>
179
</p></div><div class="refsect2" lang="en"><a name="id2533464"></a><h3>ADS DN <em class="replaceable"><code>DN</code></em> <em class="replaceable"><code>(attributes)</code></em></h3><p>
182
</p></div><div class="refsect2" lang="en"><a name="id2533482"></a><h3>ADS DN <em class="replaceable"><code>DN</code></em> <em class="replaceable"><code>(attributes)</code></em></h3><p>
180
183
Perform a raw LDAP search on a ADS server and dump the results. The
181
184
DN standard LDAP DN, and the attributes are a list of LDAP fields
182
185
to show in the result.
183
</p><p>Example: <strong class="userinput"><code>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</code></strong></p></div><div class="refsect2" lang="en"><a name="id2533490"></a><h3>ADS WORKGROUP</h3><p>Print out workgroup name for specified kerberos realm.</p></div><div class="refsect2" lang="en"><a name="id2533501"></a><h3>SAM CREATEBUILTINGROUP <NAME></h3><p>
186
</p><p>Example: <strong class="userinput"><code>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</code></strong></p></div><div class="refsect2" lang="en"><a name="id2533508"></a><h3>ADS WORKGROUP</h3><p>Print out workgroup name for specified kerberos realm.</p></div><div class="refsect2" lang="en"><a name="id2533519"></a><h3>SAM CREATEBUILTINGROUP <NAME></h3><p>
184
187
(Re)Create a BUILTIN group.
185
188
Only a wellknown set of BUILTIN groups can be created with this command.
186
189
This is the list of currently recognized group names: Administrators,
191
194
This command requires a running Winbindd with idmap allocation properly
192
195
configured. The group gid will be allocated out of the winbindd range.
193
</p></div><div class="refsect2" lang="en"><a name="id2533519"></a><h3>SAM CREATELOCALGROUP <NAME></h3><p>
196
</p></div><div class="refsect2" lang="en"><a name="id2533538"></a><h3>SAM CREATELOCALGROUP <NAME></h3><p>
194
197
Create a LOCAL group (also known as Alias).
196
199
This command requires a running Winbindd with idmap allocation properly
197
200
configured. The group gid will be allocated out of the winbindd range.
198
</p></div><div class="refsect2" lang="en"><a name="id2533533"></a><h3>SAM DELETELOCALGROUP <NAME></h3><p>
201
</p></div><div class="refsect2" lang="en"><a name="id2533551"></a><h3>SAM DELETELOCALGROUP <NAME></h3><p>
199
202
Delete an existing LOCAL group (also known as Alias).
201
</p></div><div class="refsect2" lang="en"><a name="id2533545"></a><h3>SAM MAPUNIXGROUP <NAME></h3><p>
204
</p></div><div class="refsect2" lang="en"><a name="id2533563"></a><h3>SAM MAPUNIXGROUP <NAME></h3><p>
202
205
Map an existing Unix group and make it a Domain Group, the domain group
203
206
will have the same name.
204
</p></div><div class="refsect2" lang="en"><a name="id2533557"></a><h3>SAM UNMAPUNIXGROUP <NAME></h3><p>
207
</p></div><div class="refsect2" lang="en"><a name="id2533575"></a><h3>SAM UNMAPUNIXGROUP <NAME></h3><p>
205
208
Remove an existing group mapping entry.
206
</p></div><div class="refsect2" lang="en"><a name="id2533568"></a><h3>SAM ADDMEM <GROUP> <MEMBER></h3><p>
209
</p></div><div class="refsect2" lang="en"><a name="id2533586"></a><h3>SAM ADDMEM <GROUP> <MEMBER></h3><p>
207
210
Add a member to a Local group. The group can be specified only by name,
208
211
the member can be specified by name or SID.
209
</p></div><div class="refsect2" lang="en"><a name="id2533581"></a><h3>SAM DELMEM <GROUP> <MEMBER></h3><p>
212
</p></div><div class="refsect2" lang="en"><a name="id2533599"></a><h3>SAM DELMEM <GROUP> <MEMBER></h3><p>
210
213
Remove a member from a Local group. The group and the member must be
211
214
specified by name.
212
</p></div><div class="refsect2" lang="en"><a name="id2533593"></a><h3>SAM LISTMEM <GROUP></h3><p>
215
</p></div><div class="refsect2" lang="en"><a name="id2533612"></a><h3>SAM LISTMEM <GROUP></h3><p>
213
216
List Local group members. The group must be specified by name.
214
</p></div><div class="refsect2" lang="en"><a name="id2533604"></a><h3>SAM LIST <users|groups|localgroups|builtin|workstations> [verbose]</h3><p>
217
</p></div><div class="refsect2" lang="en"><a name="id2533622"></a><h3>SAM LIST <users|groups|localgroups|builtin|workstations> [verbose]</h3><p>
215
218
List the specified set of accounts by name. If verbose is specified,
216
219
the rid and description is also provided for each account.
217
</p></div><div class="refsect2" lang="en"><a name="id2533618"></a><h3>SAM SHOW <NAME></h3><p>
220
</p></div><div class="refsect2" lang="en"><a name="id2533637"></a><h3>SAM SHOW <NAME></h3><p>
218
221
Show the full DOMAIN\\NAME the SID and the type for the corresponding
220
</p></div><div class="refsect2" lang="en"><a name="id2533630"></a><h3>SAM SET HOMEDIR <NAME> <DIRECTORY></h3><p>
223
</p></div><div class="refsect2" lang="en"><a name="id2533648"></a><h3>SAM SET HOMEDIR <NAME> <DIRECTORY></h3><p>
221
224
Set the home directory for a user account.
222
</p></div><div class="refsect2" lang="en"><a name="id2533640"></a><h3>SAM SET PROFILEPATH <NAME> <PATH></h3><p>
225
</p></div><div class="refsect2" lang="en"><a name="id2533658"></a><h3>SAM SET PROFILEPATH <NAME> <PATH></h3><p>
223
226
Set the profile path for a user account.
224
</p></div><div class="refsect2" lang="en"><a name="id2533651"></a><h3>SAM SET COMMENT <NAME> <COMMENT></h3><p>
227
</p></div><div class="refsect2" lang="en"><a name="id2533669"></a><h3>SAM SET COMMENT <NAME> <COMMENT></h3><p>
225
228
Set the comment for a user or group account.
226
</p></div><div class="refsect2" lang="en"><a name="id2533662"></a><h3>SAM SET FULLNAME <NAME> <FULL NAME></h3><p>
229
</p></div><div class="refsect2" lang="en"><a name="id2533680"></a><h3>SAM SET FULLNAME <NAME> <FULL NAME></h3><p>
227
230
Set the full name for a user account.
228
</p></div><div class="refsect2" lang="en"><a name="id2533673"></a><h3>SAM SET LOGONSCRIPT <NAME> <SCRIPT></h3><p>
231
</p></div><div class="refsect2" lang="en"><a name="id2533691"></a><h3>SAM SET LOGONSCRIPT <NAME> <SCRIPT></h3><p>
229
232
Set the logon script for a user account.
230
</p></div><div class="refsect2" lang="en"><a name="id2533684"></a><h3>SAM SET HOMEDRIVE <NAME> <DRIVE></h3><p>
233
</p></div><div class="refsect2" lang="en"><a name="id2533702"></a><h3>SAM SET HOMEDRIVE <NAME> <DRIVE></h3><p>
231
234
Set the home drive for a user account.
232
</p></div><div class="refsect2" lang="en"><a name="id2533695"></a><h3>SAM SET WORKSTATIONS <NAME> <WORKSTATIONS></h3><p>
235
</p></div><div class="refsect2" lang="en"><a name="id2533714"></a><h3>SAM SET WORKSTATIONS <NAME> <WORKSTATIONS></h3><p>
233
236
Set the workstations a user account is allowed to log in from.
234
</p></div><div class="refsect2" lang="en"><a name="id2533707"></a><h3>SAM SET DISABLE <NAME></h3><p>
237
</p></div><div class="refsect2" lang="en"><a name="id2533725"></a><h3>SAM SET DISABLE <NAME></h3><p>
235
238
Set the "disabled" flag for a user account.
236
</p></div><div class="refsect2" lang="en"><a name="id2533718"></a><h3>SAM SET PWNOTREQ <NAME></h3><p>
239
</p></div><div class="refsect2" lang="en"><a name="id2533736"></a><h3>SAM SET PWNOTREQ <NAME></h3><p>
237
240
Set the "password not required" flag for a user account.
238
</p></div><div class="refsect2" lang="en"><a name="id2533729"></a><h3>SAM SET AUTOLOCK <NAME></h3><p>
241
</p></div><div class="refsect2" lang="en"><a name="id2533747"></a><h3>SAM SET AUTOLOCK <NAME></h3><p>
239
242
Set the "autolock" flag for a user account.
240
</p></div><div class="refsect2" lang="en"><a name="id2533740"></a><h3>SAM SET PWNOEXP <NAME></h3><p>
243
</p></div><div class="refsect2" lang="en"><a name="id2533759"></a><h3>SAM SET PWNOEXP <NAME></h3><p>
241
244
Set the "password do not expire" flag for a user account.
242
</p></div><div class="refsect2" lang="en"><a name="id2533751"></a><h3>SAM SET PWDMUSTCHANGENOW <NAME> [yes|no]</h3><p>
245
</p></div><div class="refsect2" lang="en"><a name="id2533770"></a><h3>SAM SET PWDMUSTCHANGENOW <NAME> [yes|no]</h3><p>
243
246
Set or unset the "password must change" flag for a user account.
244
</p></div><div class="refsect2" lang="en"><a name="id2533763"></a><h3>SAM POLICY LIST</h3><p>
247
</p></div><div class="refsect2" lang="en"><a name="id2533782"></a><h3>SAM POLICY LIST</h3><p>
245
248
List the available account policies.
246
</p></div><div class="refsect2" lang="en"><a name="id2533773"></a><h3>SAM POLICY SHOW <account policy></h3><p>
249
</p></div><div class="refsect2" lang="en"><a name="id2533792"></a><h3>SAM POLICY SHOW <account policy></h3><p>
247
250
Show the account policy value.
248
</p></div><div class="refsect2" lang="en"><a name="id2533784"></a><h3>SAM POLICY SET <account policy> <value></h3><p>
251
</p></div><div class="refsect2" lang="en"><a name="id2533803"></a><h3>SAM POLICY SET <account policy> <value></h3><p>
249
252
Set a value for the account policy.
250
253
Valid values can be: "forever", "never", "off", or a number.
251
</p></div><div class="refsect2" lang="en"><a name="id2533797"></a><h3>SAM PROVISION</h3><p>
254
</p></div><div class="refsect2" lang="en"><a name="id2533816"></a><h3>SAM PROVISION</h3><p>
252
255
Only available if ldapsam:editposix is set and winbindd is running.
253
256
Properly populates the ldap tree with the basic accounts (Administrator)
254
257
and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree.
255
</p></div><div class="refsect2" lang="en"><a name="id2533810"></a><h3>IDMAP DUMP <local tdb file name></h3><p>
258
</p></div><div class="refsect2" lang="en"><a name="id2533829"></a><h3>IDMAP DUMP <local tdb file name></h3><p>
256
259
Dumps the mappings contained in the local tdb file specified.
257
260
This command is useful to dump only the mappings produced by the idmap_tdb backend.
258
</p></div><div class="refsect2" lang="en"><a name="id2533824"></a><h3>IDMAP RESTORE [input file]</h3><p>
261
</p></div><div class="refsect2" lang="en"><a name="id2533843"></a><h3>IDMAP RESTORE [input file]</h3><p>
259
262
Restore the mappings from the specified file or stdin.
260
</p></div><div class="refsect2" lang="en"><a name="id2533835"></a><h3>IDMAP SECRET <DOMAIN>|ALLOC <secret></h3><p>
263
</p></div><div class="refsect2" lang="en"><a name="id2533854"></a><h3>IDMAP SECRET <DOMAIN>|ALLOC <secret></h3><p>
261
264
Store a secret for the specified domain, used primarily for domains
262
265
that use idmap_ldap as a backend. In this case the secret is used
263
266
as the password for the user DN used to bind to the ldap server.
264
</p></div><div class="refsect2" lang="en"><a name="id2533849"></a><h3>USERSHARE</h3><p>Starting with version 3.0.23, a Samba server now supports the ability for
267
</p></div><div class="refsect2" lang="en"><a name="id2533868"></a><h3>USERSHARE</h3><p>Starting with version 3.0.23, a Samba server now supports the ability for
265
268
non-root users to add user defined shares to be exported using the "net usershare"
389
392
import command to that specific section. A test mode is enabled by specifying
390
393
the parameter "-T" on the commandline. In test mode, no changes are made to the
391
394
registry, and the resulting configuration is printed to standard output instead.
392
</p></div><div class="refsect3" lang="en"><a name="id2534357"></a><h4>CONF LISTSHARES</h4><p>
395
</p></div><div class="refsect3" lang="en"><a name="id2534250"></a><h4>CONF LISTSHARES</h4><p>
393
396
List the names of the shares defined in registry.
394
</p></div><div class="refsect3" lang="en"><a name="id2534367"></a><h4>CONF DROP</h4><p>
397
</p></div><div class="refsect3" lang="en"><a name="id2534261"></a><h4>CONF DROP</h4><p>
395
398
Delete the complete configuration data from registry.
396
</p></div><div class="refsect3" lang="en"><a name="id2534378"></a><h4>CONF SHOWSHARE <em class="replaceable"><code>sharename</code></em></h4><p>
399
</p></div><div class="refsect3" lang="en"><a name="id2534271"></a><h4>CONF SHOWSHARE <em class="replaceable"><code>sharename</code></em></h4><p>
397
400
Show the definition of the share or section specified. It is valid to specify
398
401
"global" as sharename to retrieve the global configuration options from
400
</p></div><div class="refsect3" lang="en"><a name="id2534392"></a><h4>CONF ADDSHARE <em class="replaceable"><code>sharename</code></em> <em class="replaceable"><code>path</code></em> [<em class="replaceable"><code>writeable={y|N}</code></em> [<em class="replaceable"><code>guest_ok={y|N}</code></em> [<em class="replaceable"><code>comment</code></em>]]] </h4><p>Create a new share definition in registry.
403
</p></div><div class="refsect3" lang="en"><a name="id2534286"></a><h4>CONF ADDSHARE <em class="replaceable"><code>sharename</code></em> <em class="replaceable"><code>path</code></em> [<em class="replaceable"><code>writeable={y|N}</code></em> [<em class="replaceable"><code>guest_ok={y|N}</code></em> [<em class="replaceable"><code>comment</code></em>]]] </h4><p>Create a new share definition in registry.
401
404
The sharename and path have to be given. The share name may
402
405
<span class="emphasis"><em>not</em></span> be "global". Optionally, values for the very
403
406
common options "writeable", "guest ok" and a "comment" may be specified.
404
407
The same result may be obtained by a sequence of "net conf setparm"
406
</p></div><div class="refsect3" lang="en"><a name="id2534426"></a><h4>CONF DELSHARE <em class="replaceable"><code>sharename</code></em></h4><p>
409
</p></div><div class="refsect3" lang="en"><a name="id2534320"></a><h4>CONF DELSHARE <em class="replaceable"><code>sharename</code></em></h4><p>
407
410
Delete a share definition from registry.
408
</p></div><div class="refsect3" lang="en"><a name="id2534439"></a><h4>CONF SETPARM <em class="replaceable"><code>section</code></em> <em class="replaceable"><code>parameter</code></em> <em class="replaceable"><code>value</code></em></h4><p>
411
</p></div><div class="refsect3" lang="en"><a name="id2534333"></a><h4>CONF SETPARM <em class="replaceable"><code>section</code></em> <em class="replaceable"><code>parameter</code></em> <em class="replaceable"><code>value</code></em></h4><p>
409
412
Store a parameter in registry. The section may be global or a sharename.
410
413
The section is created if it does not exist yet.
411
</p></div><div class="refsect3" lang="en"><a name="id2534459"></a><h4>CONF GETPARM <em class="replaceable"><code>section</code></em> <em class="replaceable"><code>parameter</code></em></h4><p>
414
</p></div><div class="refsect3" lang="en"><a name="id2534353"></a><h4>CONF GETPARM <em class="replaceable"><code>section</code></em> <em class="replaceable"><code>parameter</code></em></h4><p>
412
415
Show a parameter stored in registry.
413
</p></div><div class="refsect3" lang="en"><a name="id2534475"></a><h4>CONF DELPARM <em class="replaceable"><code>section</code></em> <em class="replaceable"><code>parameter</code></em></h4><p>
416
</p></div><div class="refsect3" lang="en"><a name="id2534369"></a><h4>CONF DELPARM <em class="replaceable"><code>section</code></em> <em class="replaceable"><code>parameter</code></em></h4><p>
414
417
Delete a parameter stored in registry.
415
</p></div><div class="refsect3" lang="en"><a name="id2534491"></a><h4>CONF GETINCLUDES <em class="replaceable"><code>section</code></em></h4><p>
418
</p></div><div class="refsect3" lang="en"><a name="id2534384"></a><h4>CONF GETINCLUDES <em class="replaceable"><code>section</code></em></h4><p>
416
419
Get the list of includes for the provided section (global or share).
418
421
Note that due to the nature of the registry database and the nature of include directives,