1 mailto(samba-bugs@samba.org)
3 manpage(rpcclient htmlcommand((1)))(1)(23 Oct 1998)(Samba)(SAMBA)
6 manpagename(rpcclient)(utility to manage MSRPC resources on servers)
12 [link(password)(password)]
13 link(-S servername)(servername)
14 [link(-U [username][%][password])(minusU)]
15 [link(-W domain)(minusW)]
16 [link(-l log basename)(minusl)]
17 [link(-d debuglevel)(minusd)]
18 [link(-O socket options)(minusO)]
19 [link(-i scope)(minusi)]
21 [link(-n NetBIOS name)(minusn)]
23 [link(-I dest IP)(minusI)]
25 [link(-t terminal code)(minust)]
26 [link(-c command string)(minusc)]
27 [link(-B IP addr)(minusB)]
28 [link(-s smb.conf)(minuss)]
29 [link(-m max protocol)(minusm)]
34 This program is part of the bf(Samba) suite.
36 bf(rpcclient) is a client that can 'talk' to an SMB/CIFS MSRPC server.
37 Operations include things like managing a SAM Database (users, groups
38 and aliases) in the same way as the Windows NT programs
39 bf(User Manager for Domains) and bf(Server Manager for Domains);
40 managing a remote registry in the same way as the Windows NT programs
41 bf(REGEDT32.EXE) and bf(REGEDIT.EXE); viewing a remote event log (same
42 as bf(EVENTVWR.EXE)) etc.
44 Typical usage is like this: nl()
45 tt(rpcclient -I 192.168.32.1 -S "*SMBSERVER" -U fred%secret -l log)
48 bf(rpcclient) is em(not) suitable for usage on single-user systems
49 such as Windows 9X, as Windows 9X does not support MSRPC services.
50 Therefore, if you have problems using bf(rpcclient) with Windows 9X,
51 we don't want to hear about it.
59 dit(bf(servername)) servername is the name of the server you want
60 to use on the server. This should be the NetBIOS name of the SMB/CIFS
61 server, which can be bf(*SMBSERVER) on Windows NT 4.0 or Samba Servers.
63 Note that the server name required is NOT necessarily the IP (DNS)
64 host name of the server! The name required is a NetBIOS server name,
65 which may or may not be the same as the IP hostname of the machine
66 running the server. Also, remember that having a period in a NetBIOS
67 name (such as an IP hostname) may cause connectivity problems on your
68 network: NT tends to strip NetBIOS names from the leading period
71 The server name is looked up according to either the
72 link(bf(-R))(minusR) parameter to bf(rpcclient) or using the
73 url(bf(name resolve order))(smb.conf.5.html#nameresolveorder)
74 parameter in the smb.conf file, allowing an administrator to change
75 the order and methods by which server names are looked up.
78 dit(bf(password)) password is the password required to access the
79 specified service on the specified server. If this parameter is
80 supplied, the link(bf(-N))(minusN) option (suppress password prompt) is assumed.
82 There is no default password. If no password is supplied on the
83 command line (either by using this parameter or adding a password to
84 the link(bf(-U))(minusU) option (see below)) and the link(bf(-N))(minusN) option is not specified,
85 the client will prompt for a password, even if the desired service
86 does not require one. (If no password is required, simply press ENTER
87 to provide a null password.)
89 Note: Some servers (including OS/2 and Windows for Workgroups) insist
90 on an uppercase password. Lowercase or mixed case passwords may be
91 rejected by these servers.
93 Be cautious about including passwords in scripts.
96 dit(bf(-s smb.conf)) This parameter specifies the pathname to the
97 Samba configuration file, smb.conf. This file controls all aspects of
98 the Samba setup on the machine and rpcclient also needs to read this
102 dit(bf(-B IP addr)) The IP address to use when sending a broadcast packet.
105 dit(bf(-O socket options)) TCP socket options to set on the client
106 socket. See the url(socket options)(smb.conf.5.html#socketoptions)
107 parameter in the url(bf(smb.conf (5)))(smb.conf.5.html) manpage for
108 the list of valid options.
111 dit(bf(-R name resolve order)) This option allows the user of
112 rpcclient to determine what name resolution services to use when
113 looking up the NetBIOS name of the host being connected to.
115 The options are :"lmhosts", "host", "wins" and "bcast". They cause
116 names to be resolved as follows :
120 it() bf(lmhosts) : Lookup an IP address in the Samba lmhosts file.
121 The lmhosts file is stored in the same directory as the
122 url(bf(smb.conf))(smb.conf.5.html) file.
124 it() bf(host) : Do a standard host name to IP address resolution,
125 using the system /etc/hosts, NIS, or DNS lookups. This method of name
126 resolution is operating system depended for instance on IRIX or
127 Solaris this may be controlled by the em(/etc/nsswitch.conf) file).
129 it() bf(wins) : Query a name with the IP address listed in the url(bf(wins
130 server))(smb.conf.5.html#winsserver) parameter in the smb.conf file. If
131 no WINS server has been specified this method will be ignored.
133 it() bf(bcast) : Do a broadcast on each of the known local interfaces
134 listed in the url(bf(interfaces))(smb.conf.5.html#interfaces) parameter
135 in the smb.conf file. This is the least reliable of the name resolution
136 methods as it depends on the target host being on a locally connected
137 subnet. To specify a particular broadcast address the link(bf(-B))(minusB) option
142 If this parameter is not set then the name resolve order defined
143 in the url(bf(smb.conf))(smb.conf.5.html) file parameter
144 url((bf(name resolve order)))(smb.conf.5.html#nameresolveorder)
147 The default order is lmhosts, host, wins, bcast and without this
148 parameter or any entry in the url(bf("name resolve
149 order"))(smb.conf.5.html#nameresolveorder) parameter of the
150 url(bf(smb.conf))(smb.conf.5.html) file the name resolution methods
151 will be attempted in this order.
154 dit(bf(-i scope)) This specifies a NetBIOS scope that rpcclient will use
155 to communicate with when generating NetBIOS names. For details on the
156 use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes
157 are em(very) rarely used, only set this parameter if you are the
158 system administrator in charge of all the NetBIOS systems you
162 dit(bf(-N)) If specified, this parameter suppresses the normal
163 password prompt from the client to the user. This is useful when
164 accessing a service that does not require a password.
166 Unless a password is specified on the command line or this parameter
167 is specified, the client will request a password.
170 dit(bf(-n NetBIOS name)) By default, the client will use the local
171 machine's hostname (in uppercase) as its NetBIOS name. This parameter
172 allows you to override the host name and use whatever NetBIOS name you
176 dit(bf(-d debuglevel)) debuglevel is an integer from 0 to 10, or the
179 The default value if this parameter is not specified is zero.
181 The higher this value, the more detail will be logged to the log files
182 about the activities of the client. At level 0, only critical errors
183 and serious warnings will be logged. Level 1 is a reasonable level for
184 day to day running - it generates a small amount of information about
185 operations carried out.
187 Levels above 1 will generate considerable amounts of log data, and
188 should only be used when investigating a problem. Levels above 3 are
189 designed for use only by developers and generate HUGE amounts of log
190 data, most of which is extremely cryptic. If debuglevel is set to the
191 letter 'A', then em(all) debug messages will be printed. This setting
192 is for developers only (and people who em(really) want to know how the
193 code works internally).
195 Note that specifying this parameter here will override the url(bf(log
196 level))(smb.conf.5.html#loglevel) parameter in the url(bf(smb.conf
197 (5)))(smb.conf.5.html) file.
200 dit(bf(-p port)) This number is the TCP port number that will be used
201 when making connections to the server. The standard (well-known) TCP
202 port number for an SMB/CIFS server is 139, which is the default.
205 dit(bf(-l logfilename)) If specified, logfilename specifies a base
206 filename into which operational data from the running client will be
209 The default base name is specified at compile time.
211 The base name is used to generate actual log file names. For example,
212 if the name specified was "log", the debug file would be
215 The log file generated is never removed by the client.
218 dit(bf(-h)) Print the usage message for the client.
221 dit(bf(-I IP address)) IP address is the address of the server to
222 connect to. It should be specified in standard "a.b.c.d" notation.
224 Normally the client would attempt to locate a named SMB/CIFS server by
225 looking it up via the NetBIOS name resolution mechanism described
226 above in the link(bf(name resolve order))(minusR) parameter
227 above. Using this parameter will force the client to assume that the
228 server is on the machine with the specified IP address and the NetBIOS
229 name component of the resource being connected to will be ignored.
231 There is no default for this parameter. If not supplied, it will be
232 determined automatically by the client as described above.
235 dit(bf(-E)) This parameter causes the client to write messages to the
236 standard error stream (stderr) rather than to the standard output
239 By default, the client writes messages to standard output - typically
242 Note that by default, debug information is always sent to stderr.
243 Debug information can instead be sent to a file, using the
244 link(-l log basename)(minusl) option.
247 dit(bf(-U username)) This specifies the user name that will be used by
248 the client to make a connection, assuming your server is not a downlevel
249 server that is running a protocol level that uses passwords on shares,
252 Some servers are fussy about the case of this name, and some insist
253 that it must be a valid NetBIOS name.
255 If no username is supplied, it will default to an uppercase version of
256 the environment variable tt(USER) or tt(LOGNAME) in that order. If no
257 username is supplied and neither environment variable exists the
258 username "GUEST" will be used.
260 If the tt(USER) environment variable contains a '%' character,
261 everything after that will be treated as a password. This allows you
262 to set the environment variable to be tt(USER=username%password) so
263 that a password is not passed on the command line (where it may be
264 seen by the ps command).
266 If the service you are connecting to requires a password, it can be
267 supplied using the link(bf(-U))(minusU) option, by appending a percent symbol ("%")
268 then the password to username. For example, to attach to a service as
269 user tt("fred") with password tt("secret"), you would specify. nl()
271 tt(-U fred%secret) nl()
273 on the command line. Note that there are no spaces around the percent
276 If you specify the password as part of username then the link(bf(-N))(minusN) option
277 (suppress password prompt) is assumed.
279 If you specify the password as a parameter em(AND) as part of username
280 then the password as part of username will take precedence. Putting
281 nothing before or nothing after the percent symbol will cause an empty
282 username or an empty password to be used, respectively.
284 The password may also be specified by setting up an environment
285 variable called tt(PASSWORD) that contains the users password. Note
286 that this may be very insecure on some systems but on others allows
287 users to script rpcclient commands without having a password appear in
288 the command line of a process listing.
290 Note: Some servers (including OS/2 and Windows for Workgroups) insist
291 on an uppercase password. Lowercase or mixed case passwords may be
292 rejected by these servers.
294 Be cautious about including passwords in scripts or in the
295 tt(PASSWORD) environment variable. Also, on many systems the command
296 line of a running process may be seen via the tt(ps) command to be
297 safe always allow rpcclient to prompt for a password and type it in
301 dit(bf(-t terminal code)) This option tells rpcclient how to interpret
302 filenames coming from the remote server. Usually Asian language
303 multibyte UNIX implementations use different character sets than
304 SMB/CIFS servers (em(EUC) instead of em(SJIS) for example). Setting
305 this parameter will let rpcclient convert between the UNIX filenames
306 and the SMB filenames correctly. This option has not been seriously
307 tested and may have some problems.
309 The terminal codes include tt(sjis), tt(euc), tt(jis7), tt(jis8),
310 tt(junet), tt(hex), tt(cap). This is not a complete list, check the
311 Samba source code for the complete list.
314 dit(bf(-m max protocol level)) With the new code in Samba2.0,
315 bf(rpcclient) always attempts to connect at the maximum
316 protocols level the server supports. This parameter is
317 preserved for backwards compatibility, but any string
318 following the bf(-m) will be ignored.
321 dit(bf(-W Domain)) Override the default Domain, which is the remote server's
322 Domain. This option may be needed to connect to some servers. It is also
323 possible to specify the remote server name as the Domain, which will
324 force the username and password to be authenticated against the remote
325 server's local SAM instead of the Domain SAM.
328 dit(bf(-c command string)) command string is a semicolon separated
329 list of commands to be executed instead of prompting from stdin.
330 link(bf(-N))(minusN) is implied by bf(-c).
332 This is particularly useful in scripts, e.g. tt(-c 'lsaquery; enumusers -u').
337 manpagesection(OPERATIONS)
339 Once the client is running, the user is presented with a prompt :
343 The prompt indicates that the client is ready and waiting to carry out
344 a user command. Each command is a single word, optionally followed by
345 parameters specific to that command. Command and parameters are
346 space-delimited unless these notes specifically state otherwise. All
347 commands are case-insensitive. Parameters to commands may or may not
348 be case sensitive, depending on the command.
350 You can specify names (e.g registry keys; user or group names;
351 service names) which have spaces in them by quoting the
352 name with double quotes, for example "dRMON SmartAgent".
354 Parameters shown in square brackets (e.g., "[parameter]") are
355 optional. If not given, the command will use suitable
356 defaults. Parameters shown in angle brackets (e.g., "<parameter>") are
359 Note that all commands operating on the server are actually performed
360 by issuing a request to the server. Thus the behavior may vary from
361 server to server, depending on how the server was implemented.
363 The commands available are listed in groups relating to different services:
371 label(questionmark) dit(bf(? [command])) If "command" is specified,
372 the bf(?) command will display a brief informative message about the
373 specified command. If no command is specified, a list of available
374 commands will be displayed.
376 label(exclaimationmark) dit(bf(! [shell command])) If "shell command"
377 is specified, the bf(!) command will execute a shell locally and run
378 the specified shell command. If no command is specified, a local shell
381 label(exit) dit(bf(exit)) Terminate the connection with the server and
382 exit from the program.
384 label(help) dit(bf(help [command])) See the link(bf(?))(questionmark)
387 label(quit) dit(bf(quit)) See the link(bf(exit))(exit) command.
395 label(eventlog) dit(bf(eventlog))
402 These commands provide functionality similar to the Windows
403 NT Service Control Manager.
405 It is possible to use command-line completion (if you have
406 the GNU readline library) for Service names, by pressing the
411 label(svcenum) dit(bf(svcenum))
414 label(svcinfo) dit(bf(svcinfo))
415 <service> Service Information
417 label(svcstart) dit(bf(svcstart))
418 <service> [arg 0] [arg 1] ... Start Service
420 label(svcstop) dit(bf(svcstop))
421 <service> Stop Service
429 label(at) dit(bf(at))
430 Scheduler control (at /? for syntax)
436 It is possible to use command-line completion (if you have
437 the GNU readline library) for registry key and value names,
438 by pressing the tab key.
442 label(regenum) dit(bf(regenum))
443 <keyname> Registry Enumeration (keys, values)
445 label(regdeletekey) dit(bf(regdeletekey))
446 <keyname> Registry Key Delete
448 label(regcreatekey) dit(bf(regcreatekey))
449 <keyname> [keyclass] Registry Key Create
451 label(shutdown) dit(bf(shutdown))
452 [-m message] [-t timeout] [-r or --reboot] Server Shutdown
454 label(regqueryval) dit(bf(regqueryval))
455 <valname> Registry Value Query
457 label(regquerykey) dit(bf(regquerykey))
458 <keyname> Registry Key Query
460 label(regdeleteval) dit(bf(regdeleteval))
461 <valname> Registry Value Delete
463 label(regcreateval) dit(bf(regcreateval))
464 <valname> <valtype> <value> Registry Key Create
466 label(reggetsec) dit(bf(reggetsec))
467 <keyname> Registry Key Security
469 label(regtestsec) dit(bf(regtestsec))
470 <keyname> Test Registry Key Security
476 It is possible to use command-line completion (if you have
477 the GNU readline library) for Printer and job names, by
478 pressing the tab key.
482 label(spoolenum) dit(bf(spoolenum))
483 Enumerate Printers. This experimental command lists
484 all printers available on a remote spooler service.
486 label(spooljobs) dit(bf(spooljobs))
487 <printer name> Enumerate Printer Jobs. This
488 experimental command lists all jobs, and their
489 status, currently queued on a remote spooler
492 label(spoolopen) dit(bf(spoolopen))
493 <printer name> Spool Printer Open Test. Experimental.
501 label(time) dit(bf(time))
504 label(brsinfo) dit(bf(brsinfo))
507 label(wksinfo) dit(bf(wksinfo))
508 Workstation Query Info
510 label(srvinfo) dit(bf(srvinfo))
513 label(srvsessions) dit(bf(srvsessions))
514 List sessions on a server
516 label(srvshares) dit(bf(srvshares))
517 List shares on a server
519 label(srvtransports) dit(bf(srvtransports))
520 List transports on a server
522 label(srvconnections) dit(bf(srvconnections))
523 List connections on a server
525 label(srvfiles) dit(bf(srvfiles))
526 List files on a server
530 dit(Local Security Authority)
534 label(lsaquery) dit(bf(lsaquery))
535 Query Info Policy (domain member or server). Obtains
536 the SID and name of the SAM database that a server
537 is responsible for (i.e a workstation's local SAM
538 database or the PDC SAM database). Also obtains the
539 SID and name of the SAM database that a server is
542 label(lsaenumdomains) dit(bf(lsaenumdomains))
543 Enumerate Trusted Domains. Lists all Trusted and
544 Trusting Domains with which the remote PDC has
545 trust relationships established.
547 label(lookupsids) dit(bf(lookupsids))
548 <rid1 or sid1> <rid1 or sid2> ... Resolve names from SIDs.
549 Mostly to be used by developers or for troubleshooting,
550 this command can take either Security Identifiers or Relative
551 Identifiers, and look them up in the local SAM database
552 (or look them up in a remote Trusting or Trusted PDC's SAM
553 database if there is an appropriate Trust Relationship
554 established). The result is a list of names, of the
556 tt([TRUST_DOMAIN\]name). nl()
557 the link(bf(lsaquery))(lsaquery) command must have been
558 issued first if you wish to use lookupsids to resolve
559 RIDs. The only RIDs that will be resolved will be those
560 in the SAM database of the server to which you are connected.
562 label(lookupnames) dit(bf(lookupnames))
563 <name1> <name2> ... Resolve SIDs from names.
564 Mostly to be used by developers or for troubleshooting,
565 this command can take names of the following format: nl()
566 tt([DOMAIN_NAME\]name). nl()
567 The names, which can be user, group or alias names, will
568 either be looked up in the local SAM database or in a remote
569 Trusting or Trusted PDC's SAM database, if there is an
570 appropriate Trust Relationship established. The optional
571 Domain name component is the name of a SAM database, which
572 can include a workstation's local SAM database or a Trusted
575 tt(lookupnames WKSTANAME\Administrator "Domain Guests") nl()
577 label(querysecret) dit(bf(querysecret))
578 LSA Query Secret (developer use). This command only appears
579 to work against NT4 SP3 and below. Due to its potential
580 for misuse, it looks like Microsoft modified their
581 implementation of the LsaRetrievePrivateData call to
582 always return NT_STATUS_ACCESS_DENIED.
590 label(ntlogin) dit(bf(ntlogin))
591 [username] [password] NT Domain login test. Demonstrates
592 how NT-style logins work. Mainly for developer usage,
593 it can also be used to verify that a user can log in
594 from a workstation. If you cannot ever get pam_ntdom
595 to work, try this command first.
597 label(domtrust) dit(bf(domtrust))
598 <domain> NT Inter-Domain test. Demonstrates how NT-style
599 Inter-Domain Trust relationships work. Mainly for
600 developer usage, it can also be used to verify that a
601 Trust Relationship is correctly established with a
604 label(samsync) dit(bf(samsync))
605 SAM Synchronisation Test (experimental). This command
606 is used to manually synchronise a SAM database from a
607 remote PDC, when Samba is set up as a Backup Domain
614 The SAM Database holds user, group and alias information.
615 The commands listed below allow operations such as adding
616 user accounts and changing their password; listing known
617 Domains; listing user, group and alias accounts; listing the
618 members of groups and aliases; adding or removing members
619 from groups and aliases.
621 The commands that make changes are protected by Access Control
622 permissions on the remote server. You will therefore need to
623 be in the right NT group in order to perform certain operations.
624 If you find that a command fails with an NT_STATUS_ACCESS_DENIED
625 error and you think you should be able to perform that command,
626 talk to your Administrator: your username is probably not in the
627 correct NT alias or group (e.g Account Operators; Domain Admin).
629 The commands that view information usually require less
630 user privileges. However, a particular remote server may be
631 configured with better security settings, so a command that
632 succeeds on one server may not succeed on another.
634 It is possible to use command-line completion (if you have
635 the GNU readline library) for user, group, alias and domain
636 names, by pressing the tab key.
640 label(lookupdomain) dit(bf(lookupdomain))
641 Obtain SID for a local domain
643 label(enumusers) dit(bf(enumusers))
644 SAM User Database Query (experimental!)
646 label(addgroupmem) dit(bf(addgroupmem))
647 <group rid> [user] [user] ... SAM Add Domain Group Member
649 label(addaliasmem) dit(bf(addaliasmem))
650 <alias rid> [member sid1] [member sid2] ... SAM Add Domain Alias Member
652 label(delgroupmem) dit(bf(delgroupmem))
653 <group rid> [user] [user] ... SAM Delete Domain Group Member
655 label(delaliasmem) dit(bf(delaliasmem))
656 <alias rid> [member sid1] [member sid2] ... SAM Delete Domain Alias Member
658 label(creategroup) dit(bf(creategroup))
659 SAM Create Domain Group
661 label(createalias) dit(bf(createalias))
662 SAM Create Domain Alias
664 label(createuser) dit(bf(createuser))
665 <username> SAM Create Domain User
667 label(delgroup) dit(bf(delgroup))
668 SAM Delete Domain Group
670 label(delalias) dit(bf(delalias))
671 SAM Delete Domain Alias
673 label(ntpass) dit(bf(ntpass))
674 NT SAM Password Change
676 label(samuserset2) dit(bf(samuserset2))
677 <username> [-s acb_bits] SAM User Set Info 2 (experimental!)
679 label(samuserset) dit(bf(samuserset))
680 <username> [-p password] SAM User Set Info (experimental!)
682 label(samuser) dit(bf(samuser))
683 <username> SAM User Query (experimental!)
685 label(samgroup) dit(bf(samgroup))
686 <groupname> SAM Group Query (experimental!)
688 label(samalias) dit(bf(samalias))
689 <aliasname> SAM Alias Query
691 label(samaliasmem) dit(bf(samaliasmem))
692 <aliasname> SAM Alias Members
694 label(samgroupmem) dit(bf(samgroupmem))
697 label(samtest) dit(bf(samtest))
698 SAM User Encrypted RPC test (experimental!)
700 label(enumaliases) dit(bf(enumaliases))
701 SAM Aliases Database Query (experimental!)
703 label(enumdomains) dit(bf(enumdomains))
704 SAM Domains Database Query (experimental!)
706 label(enumgroups) dit(bf(enumgroups))
707 SAM Group Database Query (experimental!)
709 label(dominfo) dit(bf(dominfo))
710 SAM Query Domain Info
712 label(dispinfo) dit(bf(dispinfo))
713 SAM Query Display Info
721 manpagesection(NOTES)
723 Some servers are fussy about the case of supplied usernames,
724 passwords, share names (AKA service names) and machine names. If you
725 fail to connect try giving all parameters in uppercase.
727 It is often necessary to use the link(bf(-n))(minusn) option when connecting
728 to some types of servers. For example OS/2 LanManager insists on a valid
729 NetBIOS name being used, so you need to supply a valid name that would
730 be known to the server.
732 rpcclient only works on servers that support MSRPC over SMB. This includes
733 all versions of Windows NT, including the ports to Unix such as AS/U and
734 AFPS. Support for MSRPC over SMB in other servers is currently rare and
735 patchy, for example Samba 2.0 only supports a limited set of MSRPC commands,
736 and some of those are not supported very well.
738 label(ENVIRONMENTVARIABLES)
739 manpagesection(ENVIRONMENT VARIABLES)
741 The variable bf(USER) may contain the username of the person using the
742 client. This information is used only if the protocol level is high
743 enough to support session-level passwords.
745 The variable bf(PASSWORD) may contain the password of the person using
746 the client. This information is used only if the protocol level is
747 high enough to support session-level passwords.
750 manpagesection(INSTALLATION)
752 The location of the client program is a matter for individual system
753 administrators. The following are thus suggestions only.
755 It is recommended that the rpcclient software be installed in the
756 /usr/local/samba/bin or /usr/samba/bin directory, this directory
757 readable by all, writeable only by root. The client program itself
758 should be executable by all. The client should em(NOT) be setuid or
761 The client log files should be put in a directory readable and
762 writeable only by the user.
764 To test the client, you will need to know the name of a running
765 SMB/CIFS server. It is possible to run url(bf(smbd (8)))(smbd.8.html)
766 an ordinary user - running that server as a daemon on a
767 user-accessible port (typically any port number over 1024) would
768 provide a suitable test server.
771 manpagesection(DIAGNOSTICS)
773 Most diagnostics issued by the client are logged in a specified log
774 file. The log file name is specified at compile time, but may be
775 overridden on the command line.
777 The number and nature of diagnostics available depends on the debug
778 level used by the client. If you have problems, set the debug level to
779 3 and peruse the log files.
782 manpagesection(VERSION)
784 This man page is correct for version 2.0 of the Samba suite.
791 The MSPRC over SMB code has been developed from examining Network traces.
792 No documentation is available from the original creators (Microsoft) on
793 how MSRPC over SMB works, or how the individual MSRPC services work.
794 Microsoft's implementation of these services has been demonstrated (and
795 reported) to be... a bit flakey in places.
797 The development of Samba's implementation of these services is em(also)
798 a bit rough, and as more of the services are understood, it can even result
799 in versions of url(bf(smbd (8)))(smbd.8.html) and rpcclient that are
800 backwards-incompatible for some commands or services. Additionally, the
801 developers are sending reports to Microsoft, and problems found by or
802 reported to Microsoft are fixed in Service Packs, which may also result in
805 It is therefore not guaranteed that the execution of an rpcclient command will
806 work. It is also not guaranteed that the target server will continue to
807 operate, i.e the execution of an MSRPC command may cause a remote service to
808 fail, or even cause the remote server to fail. Usual rules apply, of course:
809 the developers bear absolutely no responsibility or liability for the use,
810 misuse, or lack of use of rpcclient, by any person or persons, whether legal,
811 illegal, accidental, deliberate, intentional, malicious, curious, etc.
813 This em(particularly) applies to the registry and SAM database commands.
814 As you are using a command-line tool not a mouse-clicky tool, you have
815 already proven yourself to be savvy, however if you don't know what you're
816 doing, then em(don't do it!).
818 dit(Command Completion)
819 Command-completion (available if you have the GNU readline library) used on
820 certain commands may not operate correctly if the word being completed (such as a registry key) contains a space. Typically, the name will be completed, but
821 you will have to go back and put quotes round it, yourself.
823 dit(SAM Database command-completion)
824 Command-completion (available if you have the GNU readline library) of user,
825 group and alias names does not work on remote Domains, which would normally
826 be specified like this: nl()
827 tt(DOMAIN_name\user_name). nl()
828 The only names that can be completed in this fashion are the local names
829 in the SAM database of the target server.
831 dit(link(bf(spoolenum))(spoolenum))
832 Due to current limitations in the rpcclient MSRPC / SMB code, and due to
833 the extremely poor MSRPC implementation (by Microsoft) of the spooler
834 service, if there are a large number of printers (or the names / comment
835 fields associated with the printers), this command will fail. The
836 limitations require further research to be carried out; we're stuck with
837 the poor \PIPE\spoolss design.
844 The original Samba software and related utilities were created by
845 Andrew Tridgell email(samba-bugs@samba.org). Samba is now developed
846 by the Samba Team as an Open Source project similar to the way the
847 Linux kernel is developed.
849 The original Samba man pages were written by Karl Auer. The man page
850 sources were converted to YODL format (another excellent piece of Open
851 Source software, available at
852 url(bf(ftp://ftp.icce.rug.nl/pub/unix/))(ftp://ftp.icce.rug.nl/pub/unix/))
853 and updated for the Samba2.0 release by Jeremy Allison. This man page
854 was developed cut-and-paste style from the smbclient man page, by
855 Luke Kenneth Casson Leighton.
856 email(samba-bugs@samba.org).
858 See url(bf(samba (7)))(samba.7.html) to find out how to get a full
859 list of contributors and details on how to submit bug reports,