Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

rpcclient.1

Visit:

Last change on this file was 862, checked in by Silvan Scherrer, 12 years ago
Samba Server: update trunk to 3.6.23
File size: 17.4 KB

Line
1	'\" t
2	.\" Title: rpcclient
3	.\" Author: [see the "AUTHOR" section]
4	.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
5	.\" Date: 09/18/2013
6	.\" Manual: User Commands
7	.\" Source: Samba 3.6
8	.\" Language: English
9	.\"
10	.TH "RPCCLIENT" "1" "09/18/2013" "Samba 3\&.6" "User Commands"
11	.\" -----------------------------------------------------------------
12	.\" * Define some portability stuff
13	.\" -----------------------------------------------------------------
14	.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15	.\" http://bugs.debian.org/507673
16	.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17	.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
18	.ie \n(.g .ds Aq \(aq
19	.el .ds Aq '
20	.\" -----------------------------------------------------------------
21	.\" * set default formatting
22	.\" -----------------------------------------------------------------
23	.\" disable hyphenation
24	.nh
25	.\" disable justification (adjust text to left margin only)
26	.ad l
27	.\" -----------------------------------------------------------------
28	.\" * MAIN CONTENT STARTS HERE *
29	.\" -----------------------------------------------------------------
30	.SH "NAME"
31	rpcclient \- tool for executing client side MS\-RPC functions
32	.SH "SYNOPSIS"
33	.HP \w'\ 'u
34	rpcclient [\-A\ authfile] [\-c\ <command\ string>] [\-d\ debuglevel] [\-h] [\-l\ logdir] [\-N] [\-s\ <smb\ config\ file>] [\-U\ username[%password]] [\-W\ workgroup] [\-I\ destinationIP] {server}
35	.SH "DESCRIPTION"
36	.PP
37	This tool is part of the
38	\fBsamba\fR(7)
39	suite\&.
40	.PP
41	rpcclient
42	is a utility initially developed to test MS\-RPC functionality in Samba itself\&. It has undergone several stages of development and stability\&. Many system administrators have now written scripts around it to manage Windows NT clients from their UNIX workstation\&.
43	.SH "OPTIONS"
44	.PP
45	server
46	.RS 4
47	NetBIOS name of Server to which to connect\&. The server can be any SMB/CIFS server\&. The name is resolved using the
48	\m[blue]\fBname resolve order\fR\m[]
49	line from
50	\fBsmb.conf\fR(5)\&.
51	.RE
52	.PP
53	\-c\|\-\-command=<command string>
54	.RS 4
55	Execute semicolon separated commands (listed below)
56	.RE
57	.PP
58	\-I\|\-\-dest\-ip IP\-address
59	.RS 4
60	\fIIP address\fR
61	is the address of the server to connect to\&. It should be specified in standard "a\&.b\&.c\&.d" notation\&.
62	.sp
63	Normally the client would attempt to locate a named SMB/CIFS server by looking it up via the NetBIOS name resolution mechanism described above in the
64	\fIname resolve order\fR
65	parameter above\&. Using this parameter will force the client to assume that the server is on the machine with the specified IP address and the NetBIOS name component of the resource being connected to will be ignored\&.
66	.sp
67	There is no default for this parameter\&. If not supplied, it will be determined automatically by the client as described above\&.
68	.RE
69	.PP
70	\-p\|\-\-port port
71	.RS 4
72	This number is the TCP port number that will be used when making connections to the server\&. The standard (well\-known) TCP port number for an SMB/CIFS server is 139, which is the default\&.
73	.RE
74	.PP
75	\-d\|\-\-debuglevel=level
76	.RS 4
77	\fIlevel\fR
78	is an integer from 0 to 10\&. The default value if this parameter is not specified is 0\&.
79	.sp
80	The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&.
81	.sp
82	Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&.
83	.sp
84	Note that specifying this parameter here will override the
85	\m[blue]\fBlog level\fR\m[]
86	parameter in the
87	smb\&.conf
88	file\&.
89	.RE
90	.PP
91	\-V\|\-\-version
92	.RS 4
93	Prints the program version number\&.
94	.RE
95	.PP
96	\-s\|\-\-configfile <configuration file>
97	.RS 4
98	The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See
99	smb\&.conf
100	for more information\&. The default configuration file name is determined at compile time\&.
101	.RE
102	.PP
103	\-l\|\-\-log\-basename=logdirectory
104	.RS 4
105	Base directory name for log/debug files\&. The extension
106	\fB"\&.progname"\fR
107	will be appended (e\&.g\&. log\&.smbclient, log\&.smbd, etc\&.\&.\&.)\&. The log file is never removed by the client\&.
108	.RE
109	.PP
110	\-N\|\-\-no\-pass
111	.RS 4
112	If specified, this parameter suppresses the normal password prompt from the client to the user\&. This is useful when accessing a service that does not require a password\&.
113	.sp
114	Unless a password is specified on the command line or this parameter is specified, the client will request a password\&.
115	.sp
116	If a password is specified on the command line and this option is also defined the password on the command line will be silently ingnored and no password will be used\&.
117	.RE
118	.PP
119	\-k\|\-\-kerberos
120	.RS 4
121	Try to authenticate with kerberos\&. Only useful in an Active Directory environment\&.
122	.RE
123	.PP
124	\-C\|\-\-use\-ccache
125	.RS 4
126	Try to use the credentials cached by winbind\&.
127	.RE
128	.PP
129	\-A\|\-\-authentication\-file=filename
130	.RS 4
131	This option allows you to specify a file from which to read the username and password used in the connection\&. The format of the file is
132	.sp
133	.if n \{\
134	.RS 4
135	.\}
136	.nf
137	username = <value>
138	password = <value>
139	domain = <value>
140	.fi
141	.if n \{\
142	.RE
143	.\}
144	.sp
145	Make certain that the permissions on the file restrict access from unwanted users\&.
146	.RE
147	.PP
148	\-U\|\-\-user=username[%password]
149	.RS 4
150	Sets the SMB username or username and password\&.
151	.sp
152	If %password is not specified, the user will be prompted\&. The client will first check the
153	\fBUSER\fR
154	environment variable, then the
155	\fBLOGNAME\fR
156	variable and if either exists, the string is uppercased\&. If these environmental variables are not found, the username
157	\fBGUEST\fR
158	is used\&.
159	.sp
160	A third option is to use a credentials file which contains the plaintext of the username and password\&. This option is mainly provided for scripts where the admin does not wish to pass the credentials on the command line or via environment variables\&. If this method is used, make certain that the permissions on the file restrict access from unwanted users\&. See the
161	\fI\-A\fR
162	for more details\&.
163	.sp
164	Be cautious about including passwords in scripts\&. Also, on many systems the command line of a running process may be seen via the
165	ps
166	command\&. To be safe always allow
167	rpcclient
168	to prompt for a password and type it in directly\&.
169	.RE
170	.PP
171	\-n\|\-\-netbiosname <primary NetBIOS name>
172	.RS 4
173	This option allows you to override the NetBIOS name that Samba uses for itself\&. This is identical to setting the
174	\m[blue]\fBnetbios name\fR\m[]
175	parameter in the
176	smb\&.conf
177	file\&. However, a command line setting will take precedence over settings in
178	smb\&.conf\&.
179	.RE
180	.PP
181	\-i\|\-\-scope <scope>
182	.RS 4
183	This specifies a NetBIOS scope that
184	nmblookup
185	will use to communicate with when generating NetBIOS names\&. For details on the use of NetBIOS scopes, see rfc1001\&.txt and rfc1002\&.txt\&. NetBIOS scopes are
186	\fIvery\fR
187	rarely used, only set this parameter if you are the system administrator in charge of all the NetBIOS systems you communicate with\&.
188	.RE
189	.PP
190	\-W\|\-\-workgroup=domain
191	.RS 4
192	Set the SMB domain of the username\&. This overrides the default domain which is the domain defined in smb\&.conf\&. If the domain specified is the same as the servers NetBIOS name, it causes the client to log on using the servers local SAM (as opposed to the Domain SAM)\&.
193	.RE
194	.PP
195	\-O\|\-\-socket\-options socket options
196	.RS 4
197	TCP socket options to set on the client socket\&. See the socket options parameter in the
198	smb\&.conf
199	manual page for the list of valid options\&.
200	.RE
201	.PP
202	\-h\|\-\-help
203	.RS 4
204	Print a summary of command line options\&.
205	.RE
206	.SH "COMMANDS"
207	.SS "LSARPC"
208	.PP
209	lsaquery
210	.RS 4
211	Query info policy
212	.RE
213	.PP
214	lookupsids
215	.RS 4
216	Resolve a list of SIDs to usernames\&.
217	.RE
218	.PP
219	lookupnames
220	.RS 4
221	Resolve a list of usernames to SIDs\&.
222	.RE
223	.PP
224	enumtrusts
225	.RS 4
226	Enumerate trusted domains
227	.RE
228	.PP
229	enumprivs
230	.RS 4
231	Enumerate privileges
232	.RE
233	.PP
234	getdispname
235	.RS 4
236	Get the privilege name
237	.RE
238	.PP
239	lsaenumsid
240	.RS 4
241	Enumerate the LSA SIDS
242	.RE
243	.PP
244	lsaenumprivsaccount
245	.RS 4
246	Enumerate the privileges of an SID
247	.RE
248	.PP
249	lsaenumacctrights
250	.RS 4
251	Enumerate the rights of an SID
252	.RE
253	.PP
254	lsaenumacctwithright
255	.RS 4
256	Enumerate accounts with a right
257	.RE
258	.PP
259	lsaaddacctrights
260	.RS 4
261	Add rights to an account
262	.RE
263	.PP
264	lsaremoveacctrights
265	.RS 4
266	Remove rights from an account
267	.RE
268	.PP
269	lsalookupprivvalue
270	.RS 4
271	Get a privilege value given its name
272	.RE
273	.PP
274	lsaquerysecobj
275	.RS 4
276	Query LSA security object
277	.RE
278	.SS "LSARPC\-DS"
279	.PP
280	dsroledominfo
281	.RS 4
282	Get Primary Domain Information
283	.RE
284	.PP
285	.PP
286	\fIDFS\fR
287	.PP
288	dfsexist
289	.RS 4
290	Query DFS support
291	.RE
292	.PP
293	dfsadd
294	.RS 4
295	Add a DFS share
296	.RE
297	.PP
298	dfsremove
299	.RS 4
300	Remove a DFS share
301	.RE
302	.PP
303	dfsgetinfo
304	.RS 4
305	Query DFS share info
306	.RE
307	.PP
308	dfsenum
309	.RS 4
310	Enumerate dfs shares
311	.RE
312	.SS "REG"
313	.PP
314	shutdown
315	.RS 4
316	Remote Shutdown
317	.RE
318	.PP
319	abortshutdown
320	.RS 4
321	Abort Shutdown
322	.RE
323	.SS "SRVSVC"
324	.PP
325	srvinfo
326	.RS 4
327	Server query info
328	.RE
329	.PP
330	netshareenum
331	.RS 4
332	Enumerate shares
333	.RE
334	.PP
335	netfileenum
336	.RS 4
337	Enumerate open files
338	.RE
339	.PP
340	netremotetod
341	.RS 4
342	Fetch remote time of day
343	.RE
344	.SS "SAMR"
345	.PP
346	queryuser
347	.RS 4
348	Query user info
349	.RE
350	.PP
351	querygroup
352	.RS 4
353	Query group info
354	.RE
355	.PP
356	queryusergroups
357	.RS 4
358	Query user groups
359	.RE
360	.PP
361	querygroupmem
362	.RS 4
363	Query group membership
364	.RE
365	.PP
366	queryaliasmem
367	.RS 4
368	Query alias membership
369	.RE
370	.PP
371	querydispinfo
372	.RS 4
373	Query display info
374	.RE
375	.PP
376	querydominfo
377	.RS 4
378	Query domain info
379	.RE
380	.PP
381	enumdomusers
382	.RS 4
383	Enumerate domain users
384	.RE
385	.PP
386	enumdomgroups
387	.RS 4
388	Enumerate domain groups
389	.RE
390	.PP
391	enumalsgroups
392	.RS 4
393	Enumerate alias groups
394	.RE
395	.PP
396	createdomuser
397	.RS 4
398	Create domain user
399	.RE
400	.PP
401	samlookupnames
402	.RS 4
403	Look up names
404	.RE
405	.PP
406	samlookuprids
407	.RS 4
408	Look up names
409	.RE
410	.PP
411	deletedomuser
412	.RS 4
413	Delete domain user
414	.RE
415	.PP
416	samquerysecobj
417	.RS 4
418	Query SAMR security object
419	.RE
420	.PP
421	getdompwinfo
422	.RS 4
423	Retrieve domain password info
424	.RE
425	.PP
426	lookupdomain
427	.RS 4
428	Look up domain
429	.RE
430	.SS "SPOOLSS"
431	.PP