source: branches/samba-3.2.x/docs/manpages/net.8@ 202

.\"     Title: net
.\"    Author: 
.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/>
.\"      Date: 08/27/2008
.\"    Manual: System Administration tools
.\"    Source: Samba 3.2
.\"
.TH "NET" "8" "08/27/2008" "Samba 3\.2" "System Administration tools"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
net - Tool for administration of Samba and remote CIFS servers.
.SH "SYNOPSIS"
.HP 1
net {<ads|rap|rpc>} [\-h] [\-w\ workgroup] [\-W\ myworkgroup] [\-U\ user] [\-I\ ip\-address] [\-p\ port] [\-n\ myname] [\-s\ conffile] [\-S\ server] [\-l] [\-P] [\-d\ debuglevel] [\-V]
.SH "DESCRIPTION"
.PP
This tool is part of the
\fBsamba\fR(7)
suite\.
.PP
The Samba net utility is meant to work just like the net utility available for windows and DOS\. The first argument should be used to specify the protocol to use when executing a certain command\. ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3) clients and RPC can be used for NT4 and Windows 2000\. If this argument is omitted, net will try to determine it automatically\. Not all commands are available on all protocols\.
.SH "OPTIONS"
.PP
\-h|\-\-help
.RS 4
Print a summary of command line options\.
.RE
.PP
\-w target\-workgroup
.RS 4
Sets target workgroup or domain\. You have to specify either this option or the IP address or the name of a server\.
.RE
.PP
\-W workgroup
.RS 4
Sets client workgroup or domain
.RE
.PP
\-U user
.RS 4
User name to use
.RE
.PP
\-I ip\-address
.RS 4
IP address of target server to use\. You have to specify either this option or a target workgroup or a target server\.
.RE
.PP
\-p port
.RS 4
Port on the target server to connect to (usually 139 or 445)\. Defaults to trying 445 first, then 139\.
.RE
.PP
\-n <primary NetBIOS name>
.RS 4
This option allows you to override the NetBIOS name that Samba uses for itself\. This is identical to setting the
\fInetbios name\fR
parameter in the
\fIsmb\.conf\fR
file\. However, a command line setting will take precedence over settings in
\fIsmb\.conf\fR\.
.RE
.PP
\-s <configuration file>
.RS 4
The file specified contains the configuration details required by the server\. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\. See
\fIsmb\.conf\fR
for more information\. The default configuration file name is determined at compile time\.
.RE
.PP
\-S server
.RS 4
Name of target server\. You should specify either this option or a target workgroup or a target IP address\.
.RE
.PP
\-l
.RS 4
When listing data, give more information on each item\.
.RE
.PP
\-P
.RS 4
Make queries to the external server using the machine account of the local server\.
.RE
.PP
\-d|\-\-debuglevel=level
.RS 4
\fIlevel\fR
is an integer from 0 to 10\. The default value if this parameter is not specified is 0\.
.sp
The higher this value, the more detail will be logged to the log files about the activities of the server\. At level 0, only critical errors and serious warnings will be logged\. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\.
.sp
Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\.
.sp
Note that specifying this parameter here will override the
\fIlog level\fR
parameter in the
\fIsmb\.conf\fR
file\.
.RE
.SH "COMMANDS"
.SS "CHANGESECRETPW"
.PP
This command allows the Samba machine account password to be set from an external application to a machine account password that has already been stored in Active Directory\. DO NOT USE this command unless you know exactly what you are doing\. The use of this command requires that the force flag (\-f) be used also\. There will be NO command prompt\. Whatever information is piped into stdin, either by typing at the command line or otherwise, will be stored as the literal machine password\. Do NOT use this without care and attention as it will overwrite a legitimate machine password without warning\. YOU HAVE BEEN WARNED\.
.SS "TIME"
.PP
The
NET TIME
command allows you to view the time on a remote server or synchronise the time on the local server with the time on the remote server\.
.SS "TIME"
.PP
Without any options, the
NET TIME
command displays the time on the remote server\.
.SS "TIME SYSTEM"
.PP
Displays the time on the remote server in a format ready for
/bin/date\.
.SS "TIME SET"
.PP
Tries to set the date and time of the local server to that on the remote server using
/bin/date\.
.SS "TIME ZONE"
.PP
Displays the timezone in hours from GMT on the remote computer\.
.SS "[RPC|ADS] JOIN [TYPE] [\-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]"
.PP
Join a domain\. If the account already exists on the server, and [TYPE] is MEMBER, the machine will attempt to join automatically\. (Assuming that the machine has been created in server manager) Otherwise, a password will be prompted for, and a new account may be created\.
.PP
[TYPE] may be PDC, BDC or MEMBER to specify the type of server joining the domain\.
.PP
[UPN] (ADS only) set the principalname attribute during the join\. The default format is host/netbiosname@REALM\.
.PP
[OU] (ADS only) Precreate the computer account in a specific OU\. The OU string reads from top to bottom without RDNs, and is delimited by a \'/\'\. Please note that \'\e\' is used for escape by both the shell and ldap, so it may need to be doubled or quadrupled to pass through, and it is not used as a delimiter\.
.SS "[RPC] OLDJOIN [options]"
.PP
Join a domain\. Use the OLDJOIN option to join the domain using the old style of domain joining \- you need to create a trust account in server manager first\.
.SS "[RPC|ADS] USER"
.SS "[RPC|ADS] USER"
.PP
List all users
.SS "[RPC|ADS] USER DELETE target"
.PP
Delete specified user
.SS "[RPC|ADS] USER INFO target"
.PP
List the domain groups of the specified user\.
.SS "[RPC|ADS] USER RENAME oldname newname"
.PP
Rename specified user\.
.SS "[RPC|ADS] USER ADD name [password] [-F user flags] [-C comment]"
.PP
Add specified user\.
.SS "[RPC|ADS] GROUP"
.SS "[RPC|ADS] GROUP [misc options] [targets]"
.PP
List user groups\.
.SS "[RPC|ADS] GROUP DELETE name [misc. options]"
.PP
Delete specified group\.
.SS "[RPC|ADS] GROUP ADD name [-C comment]"
.PP
Create specified group\.
.SS "[RAP|RPC] SHARE"
.SS "[RAP|RPC] SHARE [misc. options] [targets]"
.PP
Enumerates all exported resources (network shares) on target server\.
.SS "[RAP|RPC] SHARE ADD name=serverpath [-C comment] [-M maxusers] [targets]"
.PP
Adds a share from a server (makes the export active)\. Maxusers specifies the number of users that can be connected to the share simultaneously\.
.SS "SHARE DELETE sharename"
.PP
Delete specified share\.
.SS "[RPC|RAP] FILE"
.SS "[RPC|RAP] FILE"
.PP
List all open files on remote server\.
.SS "[RPC|RAP] FILE CLOSE fileid"
.PP
Close file with specified
\fIfileid\fR
on remote server\.
.SS "[RPC|RAP] FILE INFO fileid"
.PP
Print information on specified
\fIfileid\fR\. Currently listed are: file\-id, username, locks, path, permissions\.
.SS "[RAP|RPC] FILE USER user"
.PP
List files opened by specified
\fIuser\fR\. Please note that
net rap file user
does not work against Samba servers\.
.SS "SESSION"
.SS "RAP SESSION"
.PP
Without any other options, SESSION enumerates all active SMB/CIFS sessions on the target server\.
.SS "RAP SESSION DELETE|CLOSE CLIENT_NAME"
.PP
Close the specified sessions\.
.SS "RAP SESSION INFO CLIENT_NAME"
.PP
Give a list with all the open files in specified session\.
.SS "RAP SERVER \fIDOMAIN\fR"
.PP
List all servers in specified domain or workgroup\. Defaults to local domain\.
.SS "RAP DOMAIN"
.PP
Lists all domains and workgroups visible on the current network\.
.SS "RAP PRINTQ"
.SS "RAP PRINTQ LIST QUEUE_NAME"
.PP
Lists the specified print queue and print jobs on the server\. If the
\fIQUEUE_NAME\fR
is omitted, all queues are listed\.
.SS "RAP PRINTQ DELETE JOBID"
.PP
Delete job with specified id\.
.SS "RAP VALIDATE \fIuser\fR [\fIpassword\fR]"
.PP
Validate whether the specified user can log in to the remote server\. If the password is not specified on the commandline, it will be prompted\.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
Note
.PP
Currently NOT implemented\.
.SS "RAP GROUPMEMBER"
.SS "RAP GROUPMEMBER LIST GROUP"
.PP
List all members of the specified group\.
.SS "RAP GROUPMEMBER DELETE GROUP USER"
.PP
Delete member from group\.
.SS "RAP GROUPMEMBER ADD GROUP USER"
.PP
Add member to group\.
.SS "RAP ADMIN \fIcommand\fR"
.PP
Execute the specified
\fIcommand\fR
on the remote server\. Only works with OS/2 servers\.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
Note
.PP
Currently NOT implemented\.
.SS "RAP SERVICE"
.SS "RAP SERVICE START NAME [arguments...]"
.PP
Start the specified service on the remote server\. Not implemented yet\.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
Note
.PP
Currently NOT implemented\.

.SS "RAP SERVICE STOP"
.PP
Stop the specified service on the remote server\.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
Note
.PP
Currently NOT implemented\.
.SS "RAP PASSWORD \fIUSER\fR \fIOLDPASS\fR \fINEWPASS\fR"
.PP
Change password of
\fIUSER\fR
from
\fIOLDPASS\fR
to
\fINEWPASS\fR\.
.SS "LOOKUP"
.SS "LOOKUP HOST HOSTNAME [TYPE]"