5 <!-- Email Address' -->
6 <!ENTITY email.dbannon 'D.Bannon@latrobe.edu.au'>
7 <!ENTITY email.jerry 'jerry@samba.org'>
8 <!ENTITY email.patches 'samba-patches@samba.org'>
9 <!ENTITY email.jelmer 'jelmer@samba.org'>
10 <!ENTITY email.jht 'jht@samba.org'>
11 <!ENTITY email.ghenry 'ghenry@suretecsystems.com'>
12 <!ENTITY email.asn 'asn@samba.org'>
14 <!-- Author entities -->
16 <firstname>Andreas</firstname><surname>Schneider</surname>
18 <orgname>The Samba Team</orgname>
19 <address><email>asn@samba.org</email></address>
22 <!ENTITY author.asn '<author>&person.asn;</author>'>
24 <!ENTITY person.jelmer '
25 <firstname>Jelmer</firstname><othername>R.</othername><surname>Vernooij</surname><othername>R.</othername>
27 <orgname>The Samba Team</orgname>
28 <address><email>jelmer@samba.org</email></address>
31 <!ENTITY author.jelmer '<author>&person.jelmer;</author>'>
33 <!ENTITY person.jerry '
34 <firstname>Gerald</firstname><surname>Carter</surname><othername>(Jerry)</othername>
36 <orgname>Samba Team</orgname>
37 <address><email>jerry@samba.org</email></address>
40 <!ENTITY author.jerry '<author>&person.jerry;</author>'>
42 <!ENTITY author.jeremy '
44 <firstname>Jeremy</firstname><surname>Allison</surname>
46 <orgname>Samba Team</orgname>
47 <address><email>jra@samba.org</email></address>
52 <firstname>John</firstname><surname>Terpstra</surname><othername>H.</othername>
54 <orgname>Samba Team</orgname>
55 <address><email>jht@samba.org</email></address>
58 <!ENTITY author.jht '<author>&person.jht;</author>'>
61 <firstname>Guenther</firstname><surname>Deschner</surname>
63 <orgname>Samba Team</orgname>
64 <address><email>gd@samba.org</email></address>
67 <!ENTITY author.gd '<author>&person.gd;</author>'>
69 <!ENTITY person.kauer '
70 <firstname>Karl</firstname><surname>Auer</surname>
72 <orgname>Samba Team</orgname>
73 <address><email>kauer@biplane.com.au</email></address>
77 <!ENTITY author.kauer '<author>&person.kauer;</author>'>
79 <!ENTITY person.danshearer '
80 <firstname>Dan</firstname><surname>Shearer</surname>
82 <orgname>Samba Team</orgname>
83 <address><email>dan@samba.org</email></address>
87 <!ENTITY author.danshearer '<author>&person.danshearer;</author>'>
89 <!ENTITY person.tpot '
90 <firstname>Tim</firstname><surname>Potter</surname>
92 <orgname>Samba Team</orgname>
93 <address><email>tpot@samba.org</email></address>
97 <!ENTITY author.tpot '<author>&person.tpot;</author>'>
99 <!ENTITY author.tridge '
101 <firstname>Andrew</firstname><surname>Tridgell</surname>
103 <orgname>Samba Team</orgname>
104 <address><email>tridge@samba.org</email></address>
108 <!ENTITY person.jmcd '
109 <firstname>Jim</firstname><surname>McDonough</surname>
111 <orgname>IBM</orgname>
112 <address><email>jmcd@us.ibm.com</email></address>
115 <!ENTITY author.jmcd '<author>&person.jmcd;</author>'>
118 <firstname>Volker</firstname><surname>Lendecke</surname>
120 <orgname>Samba Team</orgname>
121 <address><email>Volker.Lendecke@SerNet.DE</email></address>
124 <!ENTITY author.vl '<author>&person.vl;</author>'>
126 <!ENTITY author.dbannon '
128 <firstname>David</firstname><surname>Bannon</surname>
130 <orgname>Samba Team</orgname>
131 <address><email>dbannon@samba.org</email></address>
135 <!ENTITY author.mimir '
137 <firstname>Rafal</firstname><surname>Szczesniak</surname>
139 <orgname>Samba Team</orgname>
140 <address><email>mimir@samba.org</email></address>
144 <!ENTITY author.dlechnyr '
146 <firstname>David</firstname><surname>Lechnyr</surname>
148 <orgname>Unofficial HOWTO</orgname>
149 <address><email>david@lechnyr.com</email></address>
153 <!ENTITY author.eroseme '
155 <firstname>Eric</firstname><surname>Roseme</surname>
157 <orgname>HP Oplocks Usage Recommendations Whitepaper</orgname>
158 <address><email>eric.roseme@hp.com</email></address>
162 <!ENTITY author.ghenry '
164 <firstname>Gavin</firstname><surname>Henry</surname>
166 <orgname>Suretec Systems Limited, UK</orgname>
167 <address><email>ghenry@suretecsystems.com</email></address>
171 <!ENTITY cmdline.common.debug.client '
173 <term>-d|--debuglevel=DEBUGLEVEL</term>
176 <replaceable>level</replaceable> is an integer from 0
177 to 10. The default value if this parameter is not
178 specified is 1 for client applications.
182 The higher this value, the more detail will be logged
183 to the log files about the activities of the server. At
184 level 0, only critical errors and serious warnings will
185 be logged. Level 1 is a reasonable level for day-to-day
186 running - it generates a small amount of information
187 about operations carried out.
191 Levels above 1 will generate considerable amounts of
192 log data, and should only be used when investigating a
193 problem. Levels above 3 are designed for use only by
194 developers and generate HUGE amounts of log data, most
195 of which is extremely cryptic.
199 Note that specifying this parameter here will override
200 the <smbconfoption name="log level" /> parameter in the
207 <term>--debug-stdout</term>
210 This will redirect debug output to STDOUT. By default
211 all clients are logging to STDERR.
217 <!ENTITY cmdline.common.debug.server '
219 <term>-d|--debuglevel=DEBUGLEVEL</term>
223 <replaceable>level</replaceable> is an integer from 0
224 to 10. The default value if this parameter is not
229 The higher this value, the more detail will be logged
230 to the log files about the activities of the server. At
231 level 0, only critical errors and serious warnings will
232 be logged. Level 1 is a reasonable level for day-to-day
233 running - it generates a small amount of information
234 about operations carried out.
238 Levels above 1 will generate considerable amounts of
239 log data, and should only be used when investigating a
240 problem. Levels above 3 are designed for use only by
241 developers and generate HUGE amounts of log data, most
242 of which is extremely cryptic.
246 Note that specifying this parameter here will override
247 the <smbconfoption name="log level" /> parameter in the
252 <term>--debug-stdout</term>
255 This will redirect debug output to STDOUT. By default
256 server daemons are logging to a log file.
262 <!ENTITY cmdline.common.option '
264 <term>--option=<name>=<value></term>
268 <citerefentry><refentrytitle>smb.conf</refentrytitle>
269 <manvolnum>5</manvolnum></citerefentry> option
270 "<name>" to value "<value>" from the
271 command line. This overrides compiled-in defaults and
272 options read from the configuration file. If a name or
273 a value includes a space, wrap whole
274 --option=name=value into quotes.
280 <!ENTITY cmdline.common.config.client '
282 <term>--configfile=<configuration file></term>
285 The file specified contains the configuration details
286 required by the client. The information in this file
287 can be general for client and server or only provide
288 client specific like options such as
289 <smbconfoption name="client smb encrypt" />. See
290 &smb.conf; for more information. The default
291 configuration file name is determined at compile time.
297 <!ENTITY cmdline.common.config.server '
299 <term>--configfile=CONFIGFILE</term>
302 The file specified contains the configuration details
303 required by the server. The information in this file
304 includes server-specific information such as what
305 printcap file to use, as well as descriptions of all
306 the services that the server is to provide. See
307 &smb.conf; for more information. The default
308 configuration file name is determined at compile
315 <!ENTITY cmdline.version '
317 <term>-V|--version</term>
320 Prints the program version number.
326 <!ENTITY cmdline.common.samba.logbasename '
328 <term>-l|--log-basename=logdirectory</term>
331 Base directory name for log/debug files. The extension
332 <constant>".progname"</constant> will be appended (e.g.
333 log.smbclient, log.smbd, etc...). The log file is never
334 removed by the client.
340 <!ENTITY cmdline.common.samba.leakreport '
342 <term>--leak-report</term>
345 Enable talloc leak reporting on exit.
351 <!ENTITY cmdline.common.samba.leakreportfull '
353 <term>--leak-report-full</term>
356 Enable full talloc leak reporting on exit.
362 <!ENTITY cmdline.common.samba.client '
363 &cmdline.common.debug.client;
364 &cmdline.common.config.client;
365 &cmdline.common.option;
366 &cmdline.common.samba.logbasename;
367 &cmdline.common.samba.leakreport;
368 &cmdline.common.samba.leakreportfull;
372 <!ENTITY cmdline.common.samba.server '
373 &cmdline.common.debug.server;
374 &cmdline.common.config.server;
375 &cmdline.common.option;
376 &cmdline.common.samba.logbasename;
377 &cmdline.common.samba.leakreport;
378 &cmdline.common.samba.leakreportfull;
382 <!ENTITY cmdline.common.connection.nameresolve '
384 <term>-R|--name-resolve=NAME-RESOLVE-ORDER</term>
387 This option is used to determine what naming services
388 and in what order to resolve host names to IP
389 addresses. The option takes a space-separated string of
390 different name resolution options. The best ist to wrap
391 the whole --name-resolve=NAME-RESOLVE-ORDER into
396 The options are: "lmhosts", "host", "wins" and "bcast".
397 They cause names to be resolved as follows:
403 <constant>lmhosts</constant>: Lookup an
404 IP address in the Samba lmhosts file.
405 If the line in lmhosts has no name type
406 attached to the NetBIOS name (see the
407 <citerefentry><refentrytitle>lmhosts</refentrytitle>
408 <manvolnum>5</manvolnum></citerefentry>
409 for details) then any name type matches
416 <constant>host</constant>: Do a
417 standard host name to IP address
418 resolution, using the system
419 <filename>/etc/hosts</filename>, NIS,
420 or DNS lookups. This method of name
421 resolution is operating system
422 dependent, for instance on IRIX or
423 Solaris this may be controlled by the
424 <filename>/etc/nsswitch.conf
425 </filename> file). Note that this
426 method is only used if the NetBIOS name
427 type being queried is the 0x20 (server)
428 name type, otherwise it is ignored.
434 <constant>wins</constant>: Query a name
435 with the IP address listed in the
436 <parameter>wins server</parameter>
437 parameter. If no WINS server has been
438 specified this method will be ignored.
444 <constant>bcast</constant>: Do a
445 broadcast on each of the known local
446 interfaces listed in the
447 <parameter>interfaces</parameter>
448 parameter. This is the least reliable
449 of the name resolution methods as it
450 depends on the target host being on a
451 locally connected subnet.
457 If this parameter is not set then the name resolve
458 order defined in the &smb.conf; file parameter
459 (<smbconfoption name="name resolve order" />) will be
464 The default order is lmhosts, host, wins, bcast.
465 Without this parameter or any entry in the
466 <smbconfoption name="name resolve order" /> parameter
467 of the &smb.conf; file, the name resolution methods
468 will be attempted in this order.
474 <!ENTITY cmdline.common.connection.socketoptions '
476 <term>-O|--socket-options=SOCKETOPTIONS</term>
479 TCP socket options to set on the client socket. See the
480 socket options parameter in the &smb.conf; manual page
481 for the list of valid options.
487 <!ENTITY cmdline.common.connection.netbiosname '
489 <term>-n|--netbiosname=NETBIOSNAME</term>
492 This option allows you to override the NetBIOS name
493 that Samba uses for itself. This is identical to
494 setting the <smbconfoption name="netbios name" />
495 parameter in the &smb.conf; file. However, a command
496 line setting will take precedence over settings in
503 <!ENTITY cmdline.common.connection.workgroup '
505 <term>-W|--workgroup=WORKGROUP</term>
508 Set the SMB domain of the username. This overrides
509 the default domain which is the domain defined in
510 smb.conf. If the domain specified is the same as the
511 servers NetBIOS name, it causes the client to log on
512 using the servers local SAM (as opposed to the Domain
517 Note that specifying this parameter here will override
518 the <smbconfoption name="workgroup" /> parameter in the
525 <!ENTITY cmdline.common.connection.realm '
527 <term>-r|--realm=REALM</term>
530 Set the realm for the domain.
534 Note that specifying this parameter here will override
535 the <smbconfoption name="realm" /> parameter in the
541 <!ENTITY cmdline.common.connection.netbiosscope '
543 <term>--netbios-scope=SCOPE</term>
546 This specifies a NetBIOS scope that
547 <command>nmblookup</command> will use to communicate
548 with when generating NetBIOS names. For details on the
549 use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt.
550 NetBIOS scopes are <emphasis>very</emphasis> rarely
551 used, only set this parameter if you are the system
552 administrator in charge of all the NetBIOS systems you
559 <!ENTITY cmdline.common.connection.max-protocol '
561 <term>-m|--max-protocol=MAXPROTOCOL</term>
564 The value of the parameter (a string) is the highest
565 protocol level that will be supported by the client.
569 Note that specifying this parameter here will override
570 the <smbconfoption name="client max protocol" />
571 parameter in the &smb.conf; file.
577 <!ENTITY cmdline.common.connection '
578 &cmdline.common.connection.nameresolve;
579 &cmdline.common.connection.socketoptions;
580 &cmdline.common.connection.max-protocol;
581 &cmdline.common.connection.netbiosname;
582 &cmdline.common.connection.netbiosscope;
583 &cmdline.common.connection.workgroup;
584 &cmdline.common.connection.realm;
587 <!ENTITY pct "%">
589 <!ENTITY cmdline.common.credentials.user '
591 <term>-U|--user=[DOMAIN\]USERNAME[&pct;PASSWORD]</term>
594 Sets the SMB username or username and password.
598 If &pct;PASSWORD is not specified, the user will be
599 prompted. The client will first check the
600 <envar>USER</envar> environment variable
601 (which is also permitted to also contain the
602 password seperated by a &pct;), then the
603 <envar>LOGNAME</envar> variable (which is not
604 permitted to contain a password) and if either exists,
605 the value is used. If these environmental
606 variables are not found, the username
607 found in a Kerberos Credentials cache may be used.
611 A third option is to use a credentials file which
612 contains the plaintext of the username and password.
613 This option is mainly provided for scripts where the
614 admin does not wish to pass the credentials on the
615 command line or via environment variables. If this
616 method is used, make certain that the permissions on
617 the file restrict access from unwanted users. See the
618 <parameter>-A</parameter> for more details.
622 Be cautious about including passwords in scripts
623 or passing user-supplied values onto the command line. For
624 security it is better to let the Samba client tool ask for the
625 password if needed, or obtain the password once with <command>kinit</command>.
628 While Samba will attempt to scrub the password
629 from the process title (as seen in ps), this
630 is after startup and so is subject to a race.
636 <!ENTITY cmdline.common.credentials.nopass '
638 <term>-N|--no-pass</term>
641 If specified, this parameter suppresses the normal
642 password prompt from the client to the user. This is
643 useful when accessing a service that does not require a
648 Unless a password is specified on the command line or
649 this parameter is specified, the client will request a
654 If a password is specified on the command line and this
655 option is also defined the password on the command line
656 will be silently ignored and no password will be
663 <!ENTITY cmdline.common.credentials.password '
665 <term>--password</term>
668 Specify the password on the commandline.
671 <para> Be cautious about including passwords in
672 scripts or passing user-supplied values onto
673 the command line. For security it is better to
674 let the Samba client tool ask for the password
675 if needed, or obtain the password once with
676 <command>kinit</command>.
679 <para> If --password is not specified,
680 the tool will check the <envar>PASSWD</envar>
681 environment variable, followed by <envar>PASSWD_FD</envar>
682 which is expected to contain an open
683 file descriptor (FD) number.
686 Finally it will check <envar>PASSWD_FILE</envar> (containing
687 a file path to be opened). The file should only
688 contain the password. Make certain that the
689 permissions on the file restrict
690 access from unwanted users!
693 While Samba will attempt to scrub the password
694 from the process title (as seen in ps), this
695 is after startup and so is subject to a race.
701 <!ENTITY cmdline.common.credentials.pwnthash '
703 <term>--pw-nt-hash</term>
706 The supplied password is the NT hash.
712 <!ENTITY cmdline.common.credentials.authenticationfile '
714 <term>-A|--authentication-file=filename</term>
717 This option allows you to specify a file from which to
718 read the username and password used in the connection.
719 The format of the file is:
724 username = <value>
725 password = <value>
726 domain = <value>
731 Make certain that the permissions on the file restrict
732 access from unwanted users!
738 <!ENTITY cmdline.common.credentials.machinepass '
740 <term>-P|--machine-pass</term>
743 Use stored machine account password.
749 <!ENTITY cmdline.common.credentials.simplebinddn '
751 <term>--simple-bind-dn=DN</term>
754 DN to use for a simple bind.
760 <!ENTITY cmdline.common.credentials.usekerberos '
762 <term>--use-kerberos=desired|required|off</term>
765 This parameter determines whether Samba client tools
766 will try to authenticate using Kerberos. For Kerberos
767 authentication you need to use dns names instead of IP
768 addresses when connnecting to a service.
772 Note that specifying this parameter here will override
773 the <smbconfoption name="client use kerberos" />
774 parameter in the &smb.conf; file.
780 <!ENTITY cmdline.common.credentials.usekrb5ccache '
782 <term>--use-krb5-ccache=CCACHE</term>
785 Specifies the credential cache location for Kerberos
790 This will set --use-kerberos=required too.
796 <!ENTITY cmdline.common.credentials.usewinbindccache '
798 <term>--use-winbind-ccache</term>
801 Try to use the credential cache by winbind.
807 <!ENTITY cmdline.common.credentials.clientprotection '
809 <term>--client-protection=sign|encrypt|off</term>
812 Sets the connection protection the client tool should
817 Note that specifying this parameter here will override
818 the <smbconfoption name="client protection" />
819 parameter in the &smb.conf; file.
823 In case you need more fine grained control you can use:
824 <command>--option=clientsmbencrypt=OPTION</command>,
825 <command>--option=clientipcsigning=OPTION</command>,
826 <command>--option=clientsigning=OPTION</command>.
832 <!ENTITY cmdline.common.credentials '
833 &cmdline.common.credentials.user;
834 &cmdline.common.credentials.nopass;
835 &cmdline.common.credentials.password;
836 &cmdline.common.credentials.pwnthash;
837 &cmdline.common.credentials.authenticationfile;
838 &cmdline.common.credentials.machinepass;
839 &cmdline.common.credentials.simplebinddn;
840 &cmdline.common.credentials.usekerberos;
841 &cmdline.common.credentials.usekrb5ccache;
842 &cmdline.common.credentials.usewinbindccache;
843 &cmdline.common.credentials.clientprotection;
846 <!ENTITY cmdline.legacy.kerberos.s3 '
848 <term>-k|--kerberos</term>
851 Use kerberos authentication. This option is deprecated.
852 Migrate to --use-kerberos!
858 <!ENTITY cmdline.legacy.kerberos.s4 '
860 <term>-k|--kerberos=yes|no</term>
863 Wether to use kerberos authentication. This option is
864 deprecated. Migrate to --use-kerberos!
873 <!ENTITY stdarg.help '
875 <term>-?|--help</term>
876 <listitem><para>Print a summary of command line options.
881 <!ENTITY stdarg.usage '
884 <listitem><para>Display brief usage message.
889 <!ENTITY popt.autohelp '
894 <!-- Entities for the various programs -->
895 <!ENTITY OL '<application>OpenLDAP</application>'>
896 <!ENTITY smbd '<application>smbd</application>'>
897 <!ENTITY nmbd '<application>nmbd</application>'>
898 <!ENTITY testparm '<application>testparm</application>'>
899 <!ENTITY smb.conf '<filename>smb.conf</filename>'>
900 <!ENTITY smbclient '<application>smbclient</application>'>
901 <!ENTITY winbindd '<application>winbindd</application>'>
902 <!ENTITY net '<application>net</application>'>
904 <!ENTITY not.implemented "<note><para>Currently NOT implemented.</para></note>">
905 <!ENTITY rootprompt "<prompt>root# </prompt>">
906 <!ENTITY prompt "<prompt>$ </prompt>">
907 <!ENTITY dosprompt "<prompt>C:\> </prompt>">
909 <!ENTITY example.workgroup "MIDEARTH">
910 <!ENTITY example.server.samba "GANDALF">
911 <!ENTITY example.server.windows "SARUMAN">
912 <!ENTITY example.workstation.windows "FRODO">
913 <!ENTITY example.workstation.samba "BILBO">
914 <!ENTITY example.pdc.samba "SAURON">
915 <!ENTITY example.server.wins "noldor">
917 <!ENTITY smbmdash "<?latex --- ?>">
git.samba.org / bbaumbach / samba-autobuild / .git / blob