3
3
.\" Author: [see the "AUTHOR" section]
4
4
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
6
6
.\" Manual: System Administration tools
8
8
.\" Language: English
10
.TH "NET" "8" "08/02/2011" "Samba 3\&.5" "System Administration tools"
10
.TH "NET" "8" "10/18/2011" "Samba 3\&.6" "System Administration tools"
11
11
.\" -----------------------------------------------------------------
12
12
.\" * set default formatting
13
13
.\" -----------------------------------------------------------------
549
555
.SS "RPC TRUSTDOM LIST"
551
557
List all interdomain trust relationships\&.
558
.SS "RPC TRUSTDOM LIST"
560
List all interdomain trust relationships\&.
562
.SS "RPC TRUST CREATE"
564
Create a trust trust object by calling lsaCreateTrustedDomainEx2\&. The can be done on a single server or on two servers at once with the possibility to use a random trust password\&.
570
Domain controller of the second domain
575
Admin user in the second domain
580
SID of the second domain
585
NetBIOS (short) name of the second domain
590
DNS (full) name of the second domain
600
Create a trust object on srv1\&.dom1\&.dom for the domain dom2
607
net rpc trust create \e
608
otherdomainsid=S\-x\-x\-xx\-xxxxxxxxxx\-xxxxxxxxxx\-xxxxxxxxx \e
609
other_netbios_domain=dom2 \e
610
otherdomain=dom2\&.dom \e
612
\-S srv1\&.dom1\&.dom
619
Create a trust relationship between dom1 and dom2
626
net rpc trust create \e
627
otherserver=srv2\&.dom2\&.test \e
629
\-S srv1\&.dom1\&.dom
635
.SS "RPC TRUST DELETE"
637
Delete a trust trust object by calling lsaDeleteTrustedDomain\&. The can be done on a single server or on two servers at once\&.
643
Domain controller of the second domain
648
Admin user in the second domain
653
SID of the second domain
658
Delete a trust object on srv1\&.dom1\&.dom for the domain dom2
665
net rpc trust delete \e
666
otherdomainsid=S\-x\-x\-xx\-xxxxxxxxxx\-xxxxxxxxxx\-xxxxxxxxx \e
667
\-S srv1\&.dom1\&.dom
674
Delete a trust relationship between dom1 and dom2
681
net rpc trust delete \e
682
otherserver=srv2\&.dom2\&.test \e
684
\-S srv1\&.dom1\&.dom
554
693
This subcommand is used to view and manage Samba\'s rights assignments (also referred to as privileges)\&. There are three options currently available:
725
864
.SS "IDMAP RESTORE [input file]"
727
866
Restore the mappings from the specified file or stdin\&.
728
.SS "IDMAP SECRET <DOMAIN>|ALLOC <secret>"
867
.SS "IDMAP SECRET <DOMAIN> <secret>"
730
869
Store a secret for the specified domain, used primarily for domains that use idmap_ldap as a backend\&. In this case the secret is used as the password for the user DN used to bind to the ldap server\&.
870
.SS "IDMAP DELETE [\-f] [\-\-db=<DB>] <ID>"
872
Delete a mapping sid <\-> gid or sid <\-> uid from the IDMAP database\&. The mapping is given by <ID> which may either be a sid: S\-x\-\&.\&.\&., a gid: "GID number" or a uid: "UID number"\&. Use \-f to delete an invalid partial mapping <ID> \-> xx
874
Use "smbcontrol all idmap \&.\&.\&." to notify running smbd instances\&. See the
876
manpage for details\&.
877
.SS "IDMAP CHECK [\-v] [\-r] [\-a] [\-T] [\-f] [\-l] [\-\-db=<DB>]"
879
Check and repair the IDMAP database\&. If no option is given a read only check of the database is done\&. Among others an interactive or automatic repair mode may be chosen with one of the following options:
883
Interactive repair mode, ask a lot of questions\&.
888
Noninteractive repair mode, use default answers\&.
893
Produce more output\&.
898
Try to apply changes, even if they do not apply cleanly\&.
903
Dry run, show what changes would be made but don\'t touch anything\&.
908
Lock the database while doing the check\&.
913
Check the specified database\&.
918
It reports about the finding of the following errors:
920
Missing reverse mapping:
922
A record with mapping A\->B where there is no B\->A\&. Default action in repair mode is to "fix" this by adding the reverse mapping\&.
927
A record with mapping A\->B where B\->C\&. Default action is to "delete" this record\&.
930
Missing or invalid HWM:
932
A high water mark is not at least equal to the largest ID in the database\&. Default action is to "fix" this by setting it to the largest ID found +1\&.
937
Something we failed to parse\&. Default action is to "edit" it in interactive and "delete" it in automatic mode\&.
733
941
Starting with version 3\&.0\&.23, a Samba server now supports the ability for non\-root users to add user-defined shares to be exported using the "net usershare" commands\&.
889
1097
.SS "CONF DELINCLUDES section"
891
1099
Delete the list of includes from the provided section (global or share)\&.
1102
Manipulate Samba\'s registry\&.
1104
The registry commands are:
1106
net registry enumerate \- Enumerate registry keys and values\&.
1109
net registry enumerate_recursive \- Enumerate registry key and its subkeys\&.
1112
net registry createkey \- Create a new registry key\&.
1115
net registry deletekey \- Delete a registry key\&.
1118
net registry deletekey_recursive \- Delete a registry key with subkeys\&.
1121
net registry getvalue \- Print a registry value\&.
1124
net registry getvalueraw \- Print a registry value (raw format)\&.
1127
net registry setvalue \- Set a new registry value\&.
1130
net registry increment \- Increment a DWORD registry value under a lock\&.
1133
net registry deletevalue \- Delete a registry value\&.
1136
net registry getsd \- Get security descriptor\&.
1139
net registry getsd_sdd1 \- Get security descriptor in sddl format\&.
1142
net registry setsd_sdd1 \- Set security descriptor from sddl format
1146
net registry import \- Import a registration entries (\&.reg) file\&.
1149
net registry export \- Export a registration entries (\&.reg) file\&.
1152
net registry convert \- Convert a registration entries (\&.reg) file\&.
1154
.SS "REGISTRY ENUMERATE key "
1156
Enumerate subkeys and values of
1158
.SS "REGISTRY ENUMERATE_RECURSIVE key "
1163
.SS "REGISTRY CREATEKEY key "
1167
if not yet existing\&.
1168
.SS "REGISTRY DELETEKEY key "
1172
and its values from the registry, if it has no subkeys\&.
1173
.SS "REGISTRY DELETEKEY_RECURSIVE key "
1177
and all of its subkeys and values from the registry\&.
1178
.SS "REGISTRY GETVALUE key name"
1180
Output type and actual value of the value
1184
.SS "REGISTRY GETVALUERAW key name"
1186
Output the actual value of the value
1190
.SS "REGISTRY SETVALUE key name type value ..."
1201
\fIdword\fR\&. In case of
1204
may be given multiple times\&.
1205
.SS "REGISTRY INCREMENT key name [inc]"
1207
Increment the DWORD value
1213
while holding a g_lock\&.
1216
.SS "REGISTRY DELETEVALUE key name"
1222
.SS "REGISTRY GETSD key"
1224
Get the security descriptor of the given
1226
.SS "REGISTRY GETSD_SDDL key"
1228
Get the security descriptor of the given
1230
as a Security Descriptor Definition Language (SDDL) string\&.
1231
.SS "REGISTRY SETSD_SDDL keysd"
1233
Set the security descriptor of the given
1235
from a Security Descriptor Definition Language (SDDL) string
1237
.SS "REGISTRY IMPORT file[opt]"
1239
Import a registration entries (\&.reg)
1241
.SS "REGISTRY EXPORT keyfile[opt]"
1245
to a registration entries (\&.reg)
1247
.SS "REGISTRY CONVERT in out [[inopt] outopt]"
1249
Convert a registration entries (\&.reg) file
894
1253
Starting with version 3\&.4\&.0 net can read, dump, import and export native win32 eventlog files (usually *\&.evt)\&. evt files are used by the native Windows eventviewer tools\&.