1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
3 <refentry id="rpcclient.1">
6 <refentrytitle>rpcclient</refentrytitle>
7 <manvolnum>1</manvolnum>
8 <refmiscinfo class="source">Samba</refmiscinfo>
9 <refmiscinfo class="manual">User Commands</refmiscinfo>
10 <refmiscinfo class="version">4.4</refmiscinfo>
15 <refname>rpcclient</refname>
16 <refpurpose>tool for executing client side
17 MS-RPC functions</refpurpose>
22 <command>rpcclient</command>
23 <arg choice="opt">-A authfile</arg>
24 <arg choice="opt">-c <command string></arg>
25 <arg choice="opt">-d debuglevel</arg>
26 <arg choice="opt">-l logdir</arg>
27 <arg choice="opt">-m maxprotocol</arg>
28 <arg choice="opt">-N</arg>
29 <arg choice="opt">-s <smb config file></arg>
30 <arg choice="opt">-U username[%password]</arg>
31 <arg choice="opt">-W workgroup</arg>
32 <arg choice="opt">-I destinationIP</arg>
33 <arg choice="req">server</arg>
38 <title>DESCRIPTION</title>
40 <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
41 <manvolnum>7</manvolnum></citerefentry> suite.</para>
43 <para><command>rpcclient</command> is a utility initially developed
44 to test MS-RPC functionality in Samba itself. It has undergone
45 several stages of development and stability. Many system administrators
46 have now written scripts around it to manage Windows NT clients from
47 their UNIX workstation. </para>
52 <title>OPTIONS</title>
57 <listitem><para>NetBIOS name of Server to which to connect.
58 The server can be any SMB/CIFS server. The name is
59 resolved using the <smbconfoption name="name resolve order"/> line from <citerefentry><refentrytitle>smb.conf</refentrytitle>
60 <manvolnum>5</manvolnum></citerefentry>.</para></listitem>
65 <term>-c|--command=<command string></term>
66 <listitem><para>Execute semicolon separated commands (listed
67 below) </para></listitem>
72 <term>-I|--dest-ip IP-address</term>
73 <listitem><para><replaceable>IP address</replaceable> is the address of the server to connect to.
74 It should be specified in standard "a.b.c.d" notation. </para>
76 <para>Normally the client would attempt to locate a named
77 SMB/CIFS server by looking it up via the NetBIOS name resolution
78 mechanism described above in the <parameter>name resolve order</parameter>
79 parameter above. Using this parameter will force the client
80 to assume that the server is on the machine with the specified IP
81 address and the NetBIOS name component of the resource being
82 connected to will be ignored. </para>
84 <para>There is no default for this parameter. If not supplied,
85 it will be determined automatically by the client as described
86 above. </para></listitem>
90 <term>-m|--max-protocol protocol</term>
91 <listitem><para>This allows the user to select the
92 highest SMB protocol level that rpcclient will use to
93 connect to the server. By default this is set to
94 NT1, which is the highest available SMB1 protocol.
95 To connect using SMB2 or SMB3 protocol, use the
96 strings SMB2 or SMB3 respectively. Note that to connect
97 to a Windows 2012 server with encrypted transport selecting
98 a max-protocol of SMB3 is required.
103 <term>-p|--port port</term>
104 <listitem><para>This number is the TCP port number that will be used
105 when making connections to the server. The standard (well-known)
106 TCP port number for an SMB/CIFS server is 139, which is the
107 default. </para></listitem>
110 &stdarg.server.debug;
112 &popt.common.credentials;
113 &popt.common.connection;
120 <title>COMMANDS</title>
123 <title>LSARPC</title>
126 <varlistentry><term>lsaquery</term><listitem><para>Query info policy</para></listitem></varlistentry>
128 <varlistentry><term>lookupsids</term><listitem><para>Resolve a list
129 of SIDs to usernames.
130 </para></listitem></varlistentry>
132 <varlistentry><term>lookupnames</term><listitem><para>Resolve a list
133 of usernames to SIDs.
134 </para></listitem></varlistentry>
136 <varlistentry><term>enumtrust</term><listitem><para>Enumerate trusted domains</para></listitem></varlistentry>
138 <varlistentry><term>enumprivs</term><listitem><para>Enumerate privileges</para></listitem></varlistentry>
140 <varlistentry><term>getdispname</term><listitem><para>Get the privilege name</para></listitem></varlistentry>
142 <varlistentry><term>lsaenumsid</term><listitem><para>Enumerate the LSA SIDS</para></listitem></varlistentry>
144 <varlistentry><term>lsaenumprivsaccount</term><listitem><para>Enumerate the privileges of an SID</para></listitem></varlistentry>
146 <varlistentry><term>lsaenumacctrights</term><listitem><para>Enumerate the rights of an SID</para></listitem></varlistentry>
148 <varlistentry><term>lsaenumacctwithright</term><listitem><para>Enumerate accounts with a right</para></listitem></varlistentry>
150 <varlistentry><term>lsaaddacctrights</term><listitem><para>Add rights to an account</para></listitem></varlistentry>
152 <varlistentry><term>lsaremoveacctrights</term><listitem><para>Remove rights from an account</para></listitem></varlistentry>
154 <varlistentry><term>lsalookupprivvalue</term><listitem><para>Get a privilege value given its name</para></listitem></varlistentry>
156 <varlistentry><term>lsaquerysecobj</term><listitem><para>Query LSA security object</para></listitem></varlistentry>
162 <title>LSARPC-DS</title>
165 <varlistentry><term>dsroledominfo</term><listitem><para>Get Primary Domain Information</para></listitem></varlistentry>
170 <para><emphasis>DFS</emphasis></para>
172 <varlistentry><term>dfsexist</term><listitem><para>Query DFS support</para></listitem></varlistentry>
173 <varlistentry><term>dfsadd</term><listitem><para>Add a DFS share</para></listitem></varlistentry>
174 <varlistentry><term>dfsremove</term><listitem><para>Remove a DFS share</para></listitem></varlistentry>
175 <varlistentry><term>dfsgetinfo</term><listitem><para>Query DFS share info</para></listitem></varlistentry>
176 <varlistentry><term>dfsenum</term><listitem><para>Enumerate dfs shares</para></listitem></varlistentry>
184 <varlistentry><term>shutdown</term><listitem><para>Remote Shutdown</para></listitem></varlistentry>
185 <varlistentry><term>abortshutdown</term><listitem><para>Abort Shutdown</para></listitem></varlistentry>
191 <title>SRVSVC</title>
194 <varlistentry><term>srvinfo</term><listitem><para>Server query info</para></listitem></varlistentry>
195 <varlistentry><term>netshareenum</term><listitem><para>Enumerate shares</para></listitem></varlistentry>
196 <varlistentry><term>netshareenumall</term><listitem><para>Enumerate all shares</para></listitem></varlistentry>
197 <varlistentry><term>netsharegetinfo</term><listitem><para>Get Share Info</para></listitem></varlistentry>
198 <varlistentry><term>netsharesetinfo</term><listitem><para>Set Share Info</para></listitem></varlistentry>
199 <varlistentry><term>netsharesetdfsflags</term><listitem><para>Set DFS flags</para></listitem></varlistentry>
200 <varlistentry><term>netfileenum</term><listitem><para>Enumerate open files</para></listitem></varlistentry>
201 <varlistentry><term>netremotetod</term><listitem><para>Fetch remote time of day</para></listitem></varlistentry>
202 <varlistentry><term>netnamevalidate</term><listitem><para>Validate sharename</para></listitem></varlistentry>
203 <varlistentry><term>netfilegetsec</term><listitem><para>Get File security</para></listitem></varlistentry>
204 <varlistentry><term>netsessdel</term><listitem><para>Delete Session</para></listitem></varlistentry>
205 <varlistentry><term>netsessenum</term><listitem><para>Enumerate Sessions</para></listitem></varlistentry>
206 <varlistentry><term>netdiskenum</term><listitem><para>Enumerate Disks</para></listitem></varlistentry>
207 <varlistentry><term>netconnenum</term><listitem><para>Enumerate Connections</para></listitem></varlistentry>
208 <varlistentry><term>netshareadd</term><listitem><para>Add share</para></listitem></varlistentry>
209 <varlistentry><term>netsharedel</term><listitem><para>Delete share</para></listitem></varlistentry>
218 <varlistentry><term>queryuser</term><listitem><para>Query user info</para></listitem></varlistentry>
219 <varlistentry><term>querygroup</term><listitem><para>Query group info</para></listitem></varlistentry>
220 <varlistentry><term>queryusergroups</term><listitem><para>Query user groups</para></listitem></varlistentry>
221 <varlistentry><term>querygroupmem</term><listitem><para>Query group membership</para></listitem></varlistentry>
222 <varlistentry><term>queryaliasmem</term><listitem><para>Query alias membership</para></listitem></varlistentry>
223 <varlistentry><term>querydispinfo</term><listitem><para>Query display info</para></listitem></varlistentry>
224 <varlistentry><term>querydominfo</term><listitem><para>Query domain info</para></listitem></varlistentry>
225 <varlistentry><term>enumdomusers</term><listitem><para>Enumerate domain users</para></listitem></varlistentry>
226 <varlistentry><term>enumdomgroups</term><listitem><para>Enumerate domain groups</para></listitem></varlistentry>
227 <varlistentry><term>enumalsgroups</term><listitem><para>Enumerate alias groups</para></listitem></varlistentry>
228 <varlistentry><term>createdomuser</term><listitem><para>Create domain user</para></listitem></varlistentry>
229 <varlistentry><term>samlookupnames</term><listitem><para>Look up names</para></listitem></varlistentry>
230 <varlistentry><term>samlookuprids</term><listitem><para>Look up names</para></listitem></varlistentry>
231 <varlistentry><term>deletedomuser</term><listitem><para>Delete domain user</para></listitem></varlistentry>
232 <varlistentry><term>samquerysecobj</term><listitem><para>Query SAMR security object</para></listitem></varlistentry>
233 <varlistentry><term>getdompwinfo</term><listitem><para>Retrieve domain password info</para></listitem></varlistentry>
234 <varlistentry><term>lookupdomain</term><listitem><para>Look up domain</para></listitem></varlistentry>
240 <title>SPOOLSS</title>
243 <varlistentry><term>adddriver <arch> <config> [<version>]</term>
245 Execute an AddPrinterDriver() RPC to install the printer driver
246 information on the server. Note that the driver files should
247 already exist in the directory returned by
248 <command>getdriverdir</command>. Possible values for
249 <parameter>arch</parameter> are the same as those for
250 the <command>getdriverdir</command> command.
251 The <parameter>config</parameter> parameter is defined as
254 <para><programlisting>
260 Language Monitor Name:\
262 Comma Separated list of Files
263 </programlisting></para>
265 <para>Any empty fields should be enter as the string "NULL". </para>
267 <para>Samba does not need to support the concept of Print Monitors
268 since these only apply to local printers whose driver can make
269 use of a bi-directional link for communication. This field should
270 be "NULL". On a remote NT print server, the Print Monitor for a
271 driver must already be installed prior to adding the driver or
272 else the RPC will fail. </para>
274 <para>The <parameter>version</parameter> parameter lets you
275 specify the printer driver version number. If omitted, the
276 default driver version for the specified architecture will
277 be used. This option can be used to upload Windows 2000
278 (version 3) printer drivers.</para></listitem></varlistentry>
280 <varlistentry><term>addprinter <printername>
281 <sharename> <drivername> <port></term>
283 Add a printer on the remote server. This printer
284 will be automatically shared. Be aware that the printer driver
285 must already be installed on the server (see <command>adddriver</command>)
286 and the <parameter>port</parameter>must be a valid port name (see
287 <command>enumports</command>.</para>
288 </listitem></varlistentry>
291 <varlistentry><term>deldriver <driver></term><listitem><para>Delete the
292 specified printer driver for all architectures. This
293 does not delete the actual driver files from the server,
294 only the entry from the server's list of drivers.
295 </para></listitem></varlistentry>
297 <varlistentry><term>deldriverex <driver> [architecture] [version] [flags]
298 </term><listitem><para>Delete the specified printer driver and optionally files
299 associated with the driver.
300 You can limit this action to a specific architecture and a specific version.
301 If no architecture is given, all driver files of that driver will be deleted.
302 <parameter>flags</parameter> correspond to numeric DPD_* values, i.e. a value
303 of 3 requests (DPD_DELETE_UNUSED_FILES | DPD_DELETE_SPECIFIC_VERSION).
304 </para></listitem></varlistentry>
306 <varlistentry><term>enumdata</term><listitem><para>Enumerate all
307 printer setting data stored on the server. On Windows NT clients,
308 these values are stored in the registry, while Samba servers
309 store them in the printers TDB. This command corresponds
310 to the MS Platform SDK GetPrinterData() function (* This
311 command is currently unimplemented).</para></listitem></varlistentry>
313 <varlistentry><term>enumdataex</term><listitem><para>Enumerate printer data for a key</para></listitem></varlistentry>
315 <varlistentry><term>enumjobs <printer></term>
316 <listitem><para>List the jobs and status of a given printer.
317 This command corresponds to the MS Platform SDK EnumJobs()
318 function</para></listitem></varlistentry>
320 <varlistentry><term>enumkey</term><listitem><para>Enumerate
321 printer keys</para></listitem></varlistentry>
323 <varlistentry><term>enumports [level]</term>
325 Executes an EnumPorts() call using the specified
326 info level. Currently only info levels 1 and 2 are supported.
327 </para></listitem></varlistentry>
331 <varlistentry><term>enumdrivers [level]</term>
333 Execute an EnumPrinterDrivers() call. This lists the various installed
334 printer drivers for all architectures. Refer to the MS Platform SDK
335 documentation for more details of the various flags and calling
336 options. Currently supported info levels are 1, 2, and 3.</para></listitem></varlistentry>
340 <varlistentry><term>enumprinters [level]</term>
341 <listitem><para>Execute an EnumPrinters() call. This lists the various installed
342 and share printers. Refer to the MS Platform SDK documentation for
343 more details of the various flags and calling options. Currently
344 supported info levels are 1, 2 and 5.</para></listitem></varlistentry>
349 <varlistentry><term>getdata <printername> <valuename;></term>
350 <listitem><para>Retrieve the data for a given printer setting. See
351 the <command>enumdata</command> command for more information.
352 This command corresponds to the GetPrinterData() MS Platform
353 SDK function. </para></listitem></varlistentry>
355 <varlistentry><term>getdataex</term><listitem><para>Get
356 printer driver data with
357 keyname</para></listitem></varlistentry>
360 <varlistentry><term>getdriver <printername></term>
362 Retrieve the printer driver information (such as driver file,
363 config file, dependent files, etc...) for
364 the given printer. This command corresponds to the GetPrinterDriver()
365 MS Platform SDK function. Currently info level 1, 2, and 3 are supported.
366 </para></listitem></varlistentry>
369 <varlistentry><term>getdriverdir <arch></term>
371 Execute a GetPrinterDriverDirectory()
372 RPC to retrieve the SMB share name and subdirectory for
373 storing printer driver files for a given architecture. Possible
374 values for <parameter>arch</parameter> are "Windows 4.0"
375 (for Windows 95/98), "Windows NT x86", "Windows NT PowerPC", "Windows
376 Alpha_AXP", and "Windows NT R4000". </para></listitem></varlistentry>
380 <varlistentry><term>getprinter <printername></term>
381 <listitem><para>Retrieve the current printer information. This command
382 corresponds to the GetPrinter() MS Platform SDK function.
383 </para></listitem></varlistentry>
385 <varlistentry><term>getprintprocdir</term><listitem><para>Get
387 directory</para></listitem></varlistentry>
389 <varlistentry><term>openprinter <printername></term>
390 <listitem><para>Execute an OpenPrinterEx() and ClosePrinter() RPC
391 against a given printer. </para></listitem></varlistentry>
393 <varlistentry><term>setdriver <printername>
394 <drivername></term>
395 <listitem><para>Execute a SetPrinter() command to update the printer driver
396 associated with an installed printer. The printer driver must
397 already be correctly installed on the print server. </para>
399 <para>See also the <command>enumprinters</command> and
400 <command>enumdrivers</command> commands for obtaining a list of
401 of installed printers and drivers.</para></listitem></varlistentry>
403 <varlistentry><term>addform</term><listitem><para>Add form</para></listitem></varlistentry>
404 <varlistentry><term>setform</term><listitem><para>Set form</para></listitem></varlistentry>
405 <varlistentry><term>getform</term><listitem><para>Get form</para></listitem></varlistentry>
406 <varlistentry><term>deleteform</term><listitem><para>Delete form</para></listitem></varlistentry>
407 <varlistentry><term>enumforms</term><listitem><para>Enumerate form</para></listitem></varlistentry>
408 <varlistentry><term>setprinter</term><listitem><para>Set printer comment</para></listitem></varlistentry>
409 <varlistentry><term>setprinterdata</term><listitem><para>Set REG_SZ printer data</para></listitem></varlistentry>
411 <varlistentry><term>setprintername <printername>
412 <newprintername></term>
413 <listitem><para>Set printer name</para></listitem></varlistentry>
415 <varlistentry><term>rffpcnex</term><listitem><para>Rffpcnex test</para></listitem></varlistentry>
423 <title>NETLOGON</title>
427 <varlistentry><term>logonctrl2</term>
428 <listitem><para>Logon Control 2</para></listitem>
431 <varlistentry><term>logonctrl</term>
432 <listitem><para>Logon Control</para></listitem>
435 <varlistentry><term>samsync</term>
436 <listitem><para>Sam Synchronisation</para></listitem>
439 <varlistentry><term>samdeltas</term>
440 <listitem><para>Query Sam Deltas</para></listitem>
443 <varlistentry><term>samlogon</term>
444 <listitem><para>Sam Logon</para></listitem>
454 <varlistentry><term>fss_is_path_sup <share></term>
456 <para>Check whether a share supports shadow-copy
460 <varlistentry><term>fss_get_sup_version</term>
462 <para>Get supported FSRVP version from server</para>
465 <varlistentry><term>fss_create_expose <context> <[ro|rw]>
467 [share2] ... [shareN]</term>
469 <para>Request shadow-copy creation and exposure as a
473 <varlistentry><term>fss_delete <base_share>
474 <shadow_copy_set_id>
475 <shadow_copy_id></term>
477 <para>Request shadow-copy share deletion</para>
480 <varlistentry><term>fss_has_shadow_copy <base_share></term>
482 <para>Check for an associated share shadow-copy</para>
485 <varlistentry><term>fss_get_mapping <base_share>
486 <shadow_copy_set_id>
487 <shadow_copy_id></term>
489 <para>Get shadow-copy share mapping information</para>
492 <varlistentry><term>fss_recovery_complete <shadow_copy_set_id></term>
494 <para>Flag read-write shadow-copy as recovery complete,
495 allowing further shadow-copy requests</para>
503 <title>GENERAL COMMANDS</title>
506 <varlistentry><term>debuglevel</term><listitem><para>Set the current
507 debug level used to log information.</para></listitem></varlistentry>
509 <varlistentry><term>help (?)</term><listitem><para>Print a listing of all
510 known commands or extended help on a particular command.
511 </para></listitem></varlistentry>
513 <varlistentry><term>quit (exit)</term><listitem><para>Exit <command>rpcclient
514 </command>.</para></listitem></varlistentry>
523 <para><command>rpcclient</command> is designed as a developer testing tool
524 and may not be robust in certain areas (such as command line parsing).
525 It has been known to generate a core dump upon failures when invalid
526 parameters where passed to the interpreter. </para>
528 <para>From Luke Leighton's original rpcclient man page:</para>
530 <para><emphasis>WARNING!</emphasis> The MSRPC over SMB code has
531 been developed from examining Network traces. No documentation is
532 available from the original creators (Microsoft) on how MSRPC over
533 SMB works, or how the individual MSRPC services work. Microsoft's
534 implementation of these services has been demonstrated (and reported)
535 to be... a bit flaky in places. </para>
537 <para>The development of Samba's implementation is also a bit rough,
538 and as more of the services are understood, it can even result in
539 versions of <citerefentry><refentrytitle>smbd</refentrytitle>
540 <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>rpcclient</refentrytitle>
541 <manvolnum>1</manvolnum></citerefentry> that are incompatible for some commands or services. Additionally,
542 the developers are sending reports to Microsoft, and problems found
543 or reported to Microsoft are fixed in Service Packs, which may
544 result in incompatibilities.</para>
549 <title>VERSION</title>
551 <para>This man page is correct for version 3 of the Samba
556 <title>AUTHOR</title>
558 <para>The original Samba software and related utilities
559 were created by Andrew Tridgell. Samba is now developed
560 by the Samba Team as an Open Source project similar
561 to the way the Linux kernel is developed.</para>
563 <para>The original rpcclient man page was written by Matthew
564 Geddes, Luke Kenneth Casson Leighton, and rewritten by Gerald Carter.
565 The conversion to DocBook for Samba 2.2 was done by Gerald
566 Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was
567 done by Alexander Bokovoy.</para>
git.samba.org / samba.git / blob