1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
6 <refentrytitle>net</refentrytitle>
7 <manvolnum>8</manvolnum>
12 <refname>net</refname>
13 <refpurpose>Tool for administration of Samba and remote
20 <command>net</command>
21 <arg choice="req"><ads|rap|rpc></arg>
22 <arg choice="opt">-h</arg>
23 <arg choice="opt">-w workgroup</arg>
24 <arg choice="opt">-W myworkgroup</arg>
25 <arg choice="opt">-U user</arg>
26 <arg choice="opt">-I ip-address</arg>
27 <arg choice="opt">-p port</arg>
28 <arg choice="opt">-n myname</arg>
29 <arg choice="opt">-s conffile</arg>
30 <arg choice="opt">-S server</arg>
31 <arg choice="opt">-l</arg>
32 <arg choice="opt">-P</arg>
33 <arg choice="opt">-d debuglevel</arg>
34 <arg choice="opt">-V</arg>
39 <title>DESCRIPTION</title>
41 <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
42 <manvolnum>7</manvolnum></citerefentry> suite.</para>
44 <para>The samba net utility is meant to work just like the net utility
45 available for windows and DOS. The first argument should be used
46 to specify the protocol to use when executing a certain command.
47 ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3)
48 clients and RPC can be used for NT4 and Windows 2000. If this
49 argument is omitted, net will try to determine it automatically.
50 Not all commands are available on all protocols.
56 <title>OPTIONS</title>
62 <term>-w target-workgroup</term>
64 Sets target workgroup or domain. You have to specify
65 either this option or the IP address or the name of a server.
70 <term>-W workgroup</term>
72 Sets client workgroup or domain
84 <term>-I ip-address</term>
86 IP address of target server to use. You have to
87 specify either this option or a target workgroup or
95 Port on the target server to connect to (usually 139 or 445).
96 Defaults to trying 445 first, then 139.
100 &stdarg.netbios.name;
104 <term>-S server</term>
106 Name of target server. You should specify either
107 this option or a target workgroup or a target IP address.
114 When listing data, give more information on each item.
121 Make queries to the external server using the machine account of the local server.
130 <title>COMMANDS</title>
133 <title>CHANGESECRETPW</title>
135 <para>This command allows the Samba machine account password to be set from an external application
136 to a machine account password that has already been stored in Active Directory. DO NOT USE this command
137 unless you know exactly what you are doing. The use of this command requires that the force flag (-f)
138 be used also. There will be NO command prompt. Whatever information is piped into stdin, either by
139 typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use
140 this without care and attention as it will overwrite a legitimate machine password without warning.
141 YOU HAVE BEEN WARNED.
149 <para>The <command>NET TIME</command> command allows you to view the time on a remote server
150 or synchronise the time on the local server with the time on the remote server.</para>
155 <para>Without any options, the <command>NET TIME</command> command
156 displays the time on the remote server.
162 <title>TIME SYSTEM</title>
164 <para>Displays the time on the remote server in a format ready for <command>/bin/date</command></para>
169 <title>TIME SET</title>
170 <para>Tries to set the date and time of the local server to that on
171 the remote server using <command>/bin/date</command>. </para>
176 <title>TIME ZONE</title>
178 <para>Displays the timezone in hours from GMT on the remote computer.</para>
184 <title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</title>
187 Join a domain. If the account already exists on the server, and
188 [TYPE] is MEMBER, the machine will attempt to join automatically.
189 (Assuming that the machine has been created in server manager)
190 Otherwise, a password will be prompted for, and a new account may
194 [TYPE] may be PDC, BDC or MEMBER to specify the type of server
199 [UPN] (ADS only) set the principalname attribute during the join. The default
200 format is host/netbiosname@REALM.
204 [OU] (ADS only) Precreate the computer account in a specific OU. The
205 OU string reads from top to bottom without RDNs, and is delimited by
206 a '/'. Please note that '\' is used for escape by both the shell
207 and ldap, so it may need to be doubled or quadrupled to pass through,
208 and it is not used as a delimiter.
213 <title>[RPC] OLDJOIN [options]</title>
215 <para>Join a domain. Use the OLDJOIN option to join the domain
216 using the old style of domain joining - you need to create a trust
217 account in server manager first.</para>
221 <title>[RPC|ADS] USER</title>
224 <title>[RPC|ADS] USER</title>
226 <para>List all users</para>
231 <title>[RPC|ADS] USER DELETE <replaceable>target</replaceable></title>
233 <para>Delete specified user</para>
238 <title>[RPC|ADS] USER INFO <replaceable>target</replaceable></title>
240 <para>List the domain groups of the specified user.</para>
245 <title>[RPC|ADS] USER RENAME <replaceable>oldname</replaceable> <replaceable>newname</replaceable></title>
247 <para>Rename specified user.</para>
252 <title>[RPC|ADS] USER ADD <replaceable>name</replaceable> [password] [-F user flags] [-C comment]</title>
254 <para>Add specified user.</para>
259 <title>[RPC|ADS] GROUP</title>
262 <title>[RPC|ADS] GROUP [misc options] [targets]</title>
263 <para>List user groups.</para>
267 <title>[RPC|ADS] GROUP DELETE <replaceable>name</replaceable> [misc. options]</title>
269 <para>Delete specified group.</para>
274 <title>[RPC|ADS] GROUP ADD <replaceable>name</replaceable> [-C comment]</title>
276 <para>Create specified group.</para>
282 <title>[RAP|RPC] SHARE</title>
285 <title>[RAP|RPC] SHARE [misc. options] [targets]</title>
287 <para>Enumerates all exported resources (network shares) on target server.</para>
292 <title>[RAP|RPC] SHARE ADD <replaceable>name=serverpath</replaceable> [-C comment] [-M maxusers] [targets]</title>
294 <para>Adds a share from a server (makes the export active). Maxusers
295 specifies the number of users that can be connected to the
296 share simultaneously.</para>
301 <title>SHARE DELETE <replaceable>sharenam</replaceable></title>
303 <para>Delete specified share.</para>
308 <title>[RPC|RAP] FILE</title>
311 <title>[RPC|RAP] FILE</title>
313 <para>List all open files on remote server.</para>
318 <title>[RPC|RAP] FILE CLOSE <replaceable>fileid</replaceable></title>
320 <para>Close file with specified <replaceable>fileid</replaceable> on
321 remote server.</para>
326 <title>[RPC|RAP] FILE INFO <replaceable>fileid</replaceable></title>
329 Print information on specified <replaceable>fileid</replaceable>.
330 Currently listed are: file-id, username, locks, path, permissions.
336 <title>[RAP|RPC] FILE USER</title>
345 <title>SESSION</title>
348 <title>RAP SESSION</title>
350 <para>Without any other options, SESSION enumerates all active SMB/CIFS
351 sessions on the target server.</para>
356 <title>RAP SESSION DELETE|CLOSE <replaceable>CLIENT_NAME</replaceable></title>
358 <para>Close the specified sessions.</para>
363 <title>RAP SESSION INFO <replaceable>CLIENT_NAME</replaceable></title>
365 <para>Give a list with all the open files in specified session.</para>
372 <title>RAP SERVER <replaceable>DOMAIN</replaceable></title>
374 <para>List all servers in specified domain or workgroup. Defaults
375 to local domain.</para>
380 <title>RAP DOMAIN</title>
382 <para>Lists all domains and workgroups visible on the
383 current network.</para>
388 <title>RAP PRINTQ</title>
391 <title>RAP PRINTQ LIST <replaceable>QUEUE_NAME</replaceable></title>
393 <para>Lists the specified print queue and print jobs on the server.
394 If the <replaceable>QUEUE_NAME</replaceable> is omitted, all
395 queues are listed.</para>
400 <title>RAP PRINTQ DELETE <replaceable>JOBID</replaceable></title>
402 <para>Delete job with specified id.</para>
409 <title>RAP VALIDATE <replaceable>user</replaceable> [<replaceable>password</replaceable>]</title>
412 Validate whether the specified user can log in to the
413 remote server. If the password is not specified on the commandline, it
422 <title>RAP GROUPMEMBER</title>
425 <title>RAP GROUPMEMBER LIST <replaceable>GROUP</replaceable></title>
427 <para>List all members of the specified group.</para>
432 <title>RAP GROUPMEMBER DELETE <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title>
434 <para>Delete member from group.</para>
439 <title>RAP GROUPMEMBER ADD <replaceable>GROUP</replaceable> <replaceable>USER</replaceable></title>
441 <para>Add member to group.</para>
448 <title>RAP ADMIN <replaceable>command</replaceable></title>
450 <para>Execute the specified <replaceable>command</replaceable> on
451 the remote server. Only works with OS/2 servers.
459 <title>RAP SERVICE</title>
462 <title>RAP SERVICE START <replaceable>NAME</replaceable> [arguments...]</title>
464 <para>Start the specified service on the remote server. Not implemented yet.</para>
471 <title>RAP SERVICE STOP</title>
473 <para>Stop the specified service on the remote server.</para>
482 <title>RAP PASSWORD <replaceable>USER</replaceable> <replaceable>OLDPASS</replaceable> <replaceable>NEWPASS</replaceable></title>
485 Change password of <replaceable>USER</replaceable> from <replaceable>OLDPASS</replaceable> to <replaceable>NEWPASS</replaceable>.
491 <title>LOOKUP</title>
494 <title>LOOKUP HOST <replaceable>HOSTNAME</replaceable> [<replaceable>TYPE</replaceable>]</title>
497 Lookup the IP address of the given host with the specified type (netbios suffix).
498 The type defaults to 0x20 (workstation).
504 <title>LOOKUP LDAP [<replaceable>DOMAIN</replaceable></title>
506 <para>Give IP address of LDAP server of specified <replaceable>DOMAIN</replaceable>. Defaults to local domain.</para>
511 <title>LOOKUP KDC [<replaceable>REALM</replaceable>]</title>
513 <para>Give IP address of KDC for the specified <replaceable>REALM</replaceable>.
514 Defaults to local realm.</para>
519 <title>LOOKUP DC [<replaceable>DOMAIN</replaceable>]</title>
521 <para>Give IP's of Domain Controllers for specified <replaceable>
522 DOMAIN</replaceable>. Defaults to local domain.</para>
527 <title>LOOKUP MASTER <replaceable>DOMAIN</replaceable></title>
529 <para>Give IP of master browser for specified <replaceable>DOMAIN</replaceable>
530 or workgroup. Defaults to local domain.</para>
539 <para>Samba uses a general caching interface called 'gencache'. It
540 can be controlled using 'NET CACHE'.</para>
542 <para>All the timeout parameters support the suffixes:
545 <member>s - Seconds</member>
546 <member>m - Minutes</member>
547 <member>h - Hours</member>
548 <member>d - Days</member>
549 <member>w - Weeks</member>
555 <title>CACHE ADD <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title>
557 <para>Add specified key+data to the cache with the given timeout.</para>
562 <title>CACHE DEL <replaceable>key</replaceable></title>
564 <para>Delete key from the cache.</para>
569 <title>CACHE SET <replaceable>key</replaceable> <replaceable>data</replaceable> <replaceable>time-out</replaceable></title>
571 <para>Update data of existing cache entry.</para>
576 <title>CACHE SEARCH <replaceable>PATTERN</replaceable></title>
578 <para>Search for the specified pattern in the cache data.</para>
583 <title>CACHE LIST</title>
586 List all current items in the cache.
592 <title>CACHE FLUSH</title>
594 <para>Remove all the current items from the cache.</para>
601 <title>GETLOCALSID [DOMAIN]</title>
603 <para>Print the SID of the specified domain, or if the parameter is
604 omitted, the SID of the domain the local server is in.</para>
609 <title>SETLOCALSID S-1-5-21-x-y-z</title>
611 <para>Sets domain sid for the local server to the specified SID.</para>
616 <title>GROUPMAP</title>
618 <para>Manage the mappings between Windows group SIDs and UNIX groups.
619 Parameters take the for "parameter=value". Common options include:</para>
622 <listitem><para>unixgroup - Name of the UNIX group</para></listitem>
623 <listitem><para>ntgroup - Name of the Windows NT group (must be
624 resolvable to a SID</para></listitem>
625 <listitem><para>rid - Unsigned 32-bit integer</para></listitem>
626 <listitem><para>sid - Full SID in the form of "S-1-..."</para></listitem>
627 <listitem><para>type - Type of the group; either 'domain', 'local',
628 or 'builtin'</para></listitem>
629 <listitem><para>comment - Freeform text description of the group</para></listitem>
633 <title>GROUPMAP ADD</title>
636 Add a new group mapping entry:
638 net groupmap add {rid=int|sid=string} unixgroup=string \
639 [type={domain|local}] [ntgroup=string] [comment=string]
646 <title>GROUPMAP DELETE</title>
648 <para>Delete a group mapping entry. If more then one group name matches, the first entry found is deleted.</para>
650 <para>net groupmap delete {ntgroup=string|sid=SID}</para>
655 <title>GROUPMAP MODIFY</title>
657 <para>Update en existing group entry</para>
661 net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \
662 [comment=string] [type={domain|local}]
668 <title>GROUPMAP LIST</title>
670 <para>List existing group mapping entries</para>
672 <para>net groupmap list [verbose] [ntgroup=string] [sid=SID]</para>
680 <title>MAXRID</title>
682 <para>Prints out the highest RID currently in use on the local
683 server (by the active 'passdb backend').
689 <title>RPC INFO</title>
691 <para>Print information about the domain of the remote server,
692 such as domain name, domain sid and number of users and groups.
698 <title>[RPC|ADS] TESTJOIN</title>
700 <para>Check whether participation in a domain is still valid.</para>
705 <title>[RPC|ADS] CHANGETRUSTPW</title>
707 <para>Force change of domain trust password.</para>
712 <title>RPC TRUSTDOM</title>
715 <title>RPC TRUSTDOM ADD <replaceable>DOMAIN</replaceable></title>
717 <para>Add a interdomain trust account for
718 <replaceable>DOMAIN</replaceable> to the remote server.
724 <title>RPC TRUSTDOM DEL <replaceable>DOMAIM</replaceable></title>
726 <para>Remove interdomain trust account for
727 <replaceable>DOMAIN</replaceable> from the remote server.
735 <title>RPC TRUSTDOM ESTABLISH <replaceable>DOMAIN</replaceable></title>
738 Establish a trust relationship to a trusting domain.
739 Interdomain account must already be created on the remote PDC.
745 <title>RPC TRUSTDOM REVOKE <replaceable>DOMAIN</replaceable></title>
746 <para>Abandon relationship to trusted domain</para>
751 <title>RPC TRUSTDOM LIST</title>
753 <para>List all current interdomain trust relationships.</para>
758 <title>RPC RIGHTS</title>
760 <para>This subcommand is used to view and manage Samba's rights assignments (also
761 referred to as privileges). There are three options current available:
762 <parameter>list</parameter>, <parameter>grant</parameter>, and
763 <parameter>revoke</parameter>. More details on Samba's privilege model and its use
764 can be found in the Samba-HOWTO-Collection.</para>
772 <title>RPC ABORTSHUTDOWN</title>
774 <para>Abort the shutdown of a remote server.</para>
779 <title>RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]</title>
781 <para>Shut down the remote server.</para>
787 Reboot after shutdown.
794 Force shutting down all applications.
799 <term>-t timeout</term>
801 Timeout before system will be shut down. An interactive
802 user of the system can use this time to cancel the shutdown.
807 <term>-C message</term>
808 <listitem><para>Display the specified message on the screen to
809 announce the shutdown.</para></listitem>
816 <title>RPC SAMDUMP</title>
818 <para>Print out sam database of remote server. You need
819 to run this against the PDC, from a Samba machine joined as a BDC. </para>
823 <title>RPC VAMPIRE</title>
825 <para>Export users, aliases and groups from remote server to
826 local server. You need to run this against the PDC, from a Samba machine joined as a BDC.
832 <title>RPC GETSID</title>
834 <para>Fetch domain SID and store it in the local <filename>secrets.tdb</filename>. </para>
839 <title>ADS LEAVE</title>
841 <para>Make the remote host leave the domain it is part of. </para>
846 <title>ADS STATUS</title>
848 <para>Print out status of machine account of the local machine in ADS.
849 Prints out quite some debug info. Aimed at developers, regular
850 users should use <command>NET ADS TESTJOIN</command>.</para>
855 <title>ADS PRINTER</title>
858 <title>ADS PRINTER INFO [<replaceable>PRINTER</replaceable>] [<replaceable>SERVER</replaceable>]</title>
861 Lookup info for <replaceable>PRINTER</replaceable> on <replaceable>SERVER</replaceable>. The printer name defaults to "*", the
862 server name defaults to the local host.</para>
867 <title>ADS PRINTER PUBLISH <replaceable>PRINTER</replaceable></title>
869 <para>Publish specified printer using ADS.</para>
874 <title>ADS PRINTER REMOVE <replaceable>PRINTER</replaceable></title>
876 <para>Remove specified printer from ADS directory.</para>
883 <title>ADS SEARCH <replaceable>EXPRESSION</replaceable> <replaceable>ATTRIBUTES...</replaceable></title>
885 <para>Perform a raw LDAP search on a ADS server and dump the results. The
886 expression is a standard LDAP search expression, and the
887 attributes are a list of LDAP fields to show in the results.</para>
889 <para>Example: <userinput>net ads search '(objectCategory=group)' sAMAccountName</userinput>
895 <title>ADS DN <replaceable>DN</replaceable> <replaceable>(attributes)</replaceable></title>
898 Perform a raw LDAP search on a ADS server and dump the results. The
899 DN standard LDAP DN, and the attributes are a list of LDAP fields
900 to show in the result.
903 <para>Example: <userinput>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</userinput></para>
908 <title>ADS WORKGROUP</title>
910 <para>Print out workgroup name for specified kerberos realm.</para>
915 <title>SAM CREATEBUILTINGROUP <NAME></title>
918 (Re)Create a BUILTIN group.
919 Only a wellknown set of BUILTIN groups can be created with this command.
920 This is the list of currently recognized group names: Administrators,
921 Users, Guests, Power Users, Account Operators, Server Operators, Print
922 Operators, Backup Operators, Replicator, RAS Servers, Pre-Windows 2000
925 This command requires a running Winbindd with idmap allocation properly
926 configured. The group gid will be allocated out of the winbindd range.
932 <title>SAM CREATELOCALGROUP <NAME></title>
935 Create a LOCAL group (also known as Alias).
937 This command requires a running Winbindd with idmap allocation properly
938 configured. The group gid will be allocated out of the winbindd range.
944 <title>SAM DELETELOCALGROUP <NAME></title>
947 Delete an existing LOCAL group (also known as Alias).
954 <title>SAM MAPUNIXGROUP <NAME></title>
957 Map an existing Unix group and make it a Domain Group, the domain group
958 will have the same name.
964 <title>SAM UNMAPUNIXGROUP <NAME></title>
967 Remove an existing group mapping entry.
973 <title>SAM ADDMEM <GROUP> <MEMBER></title>
976 Add a member to a Local group. The group can be specified only by name,
977 the member can be specified by name or SID.
983 <title>SAM DELMEM <GROUP> <MEMBER></title>
986 Remove a member from a Local group. The group and the member must be
993 <title>SAM LISTMEM <GROUP></title>
996 List Local group members. The group must be specified by name.
1002 <title>SAM LIST <users|groups|localgroups|builtin|workstations> [verbose]</title>
1005 List the specified set of accounts by name. If verbose is specified,
1006 the rid and description is also provided for each account.
1012 <title>SAM SHOW <NAME></title>
1015 Show the full DOMAIN\\NAME the SID and the type for the corrisponding
1022 <title>SAM SET HOMEDIR <NAME> <DIRECTORY></title>
1025 Set the home directory for a user account.
1031 <title>SAM SET PROFILEPATH <NAME> <PATH></title>
1034 Set the profile path for a user account.
1040 <title>SAM SET COMMENT <NAME> <COMMENT></title>
1043 Set the comment for a user or group account.
1049 <title>SAM SET FULLNAME <NAME> <FULL NAME></title>
1052 Set the full name for a user account.
1058 <title>SAM SET LOGONSCRIPT <NAME> <SCRIPT></title>
1061 Set the logon script for a user account.
1067 <title>SAM SET HOMEDRIVE <NAME> <DRIVE></title>
1070 Set the home drive for a user account.
1076 <title>SAM SET WORKSTATIONS <NAME> <WORKSTATIONS></title>
1079 Set the workstations a user account is allowed to log in from.
1085 <title>SAM SET DISABLE <NAME></title>
1088 Set the "disabled" flag for a user account.
1094 <title>SAM SET PWNOTREQ <NAME></title>
1097 Set the "password not required" flag for a user account.
1103 <title>SAM SET AUTOLOCK <NAME></title>
1106 Set the "autolock" flag for a user account.
1112 <title>SAM SET PWNOEXP <NAME></title>
1115 Set the "password do not expire" flag for a user account.
1121 <title>SAM SET PWMUSTCHANGENOW <NAME> [yes|no]</title>
1124 Set or unset the "password must change" flag fro a user account.
1130 <title>SAM POLICY LIST</title>
1133 List the avilable account policies.
1139 <title>SAM POLICY SHOW <account policy></title>
1142 Show the account policy value.
1148 <title>SAM POLICY SET <account policy> <value></title>
1151 Set a value for the account policy.
1152 Valid values can be: "forever", "never", "off", or a number.
1158 <title>SAM PROVISION</title>
1161 Only available if ldapsam:editposix is set and winbindd is running.
1162 Properly populates the ldap tree with the basic accounts (Administrator)
1163 and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree.
1169 <title>IDMAP DUMP <local tdb file name></title>
1172 Dumps the mappings contained in the local tdb file specified.
1173 This command is useful to dump only the mappings produced by the idmap_tdb backend.
1179 <title>IDMAP RESTORE [input file]</title>
1182 Restore the mappings from the specified file or stdin.
1188 <title>IDMAP SECRET <DOMAIN>|ALLOC <secret></title>
1191 Store a secret for the sepcified domain, used primarily for domains
1192 that use idmap_ldap as a backend. In this case the secret is used
1193 as the password for the user DN used to bind to the ldap server.
1199 <title>USERSHARE</title>
1201 <para>Starting with version 3.0.23, a Samba server now supports the ability for
1202 non-root users to add user define shares to be exported using the "net usershare"
1207 To set this up, first set up your smb.conf by adding to the [global] section :
1209 usershare path = /usr/local/samba/lib/usershares
1211 Next create the directory /usr/local/samba/lib/usershares, change the owner to root and
1212 set the group owner to the UNIX group who should have the ability to create usershares,
1213 for example a group called "serverops".
1215 Set the permissions on /usr/local/samba/lib/usershares to 01770.
1217 (Owner and group all access, no access for others, plus the sticky bit,
1218 which means that a file in that directory can be renamed or deleted only
1219 by the owner of the file).
1221 Finally, tell smbd how many usershares you will allow by adding to the [global]
1222 section of smb.conf a line such as :
1224 usershare max shares = 100.
1226 To allow 100 usershare definitions. Now, members of the UNIX group "serverops"
1227 can create user defined shares on demand using the commands below.
1230 <para>The usershare commands are:
1233 <member>net usershare add sharename path [comment] [acl] [guest_ok=[y|n]] - to add or change a user defined share.</member>
1234 <member>net usershare delete sharename - to delete a user defined share.</member>
1235 <member>net usershare info [-l|--long] [wildcard sharename] - to print info about a user defined share.</member>
1236 <member>net usershare list [-l|--long] [wildcard sharename] - to list user defined shares.</member>
1242 <title>USERSHARE ADD <replaceable>sharename</replaceable> <replaceable>path</replaceable> <replaceable>[comment]</replaceable> <replaceable>[acl]</replaceable> <replaceable>[guest_ok=[y|n]]</replaceable></title>
1245 Add or replace a new user defined share, with name "sharename".
1249 "path" specifies the absolute pathname on the system to be exported.
1250 Restrictions may be put on this, see the global smb.conf parameters :
1251 "usershare owner only", "usershare prefix allow list", and
1252 "usershare prefix deny list".
1256 The optional "comment" parameter is the comment that will appear
1257 on the share when browsed to by a client.
1260 <para>The optional "acl" field
1261 specifies which users have read and write access to the entire share.
1262 Note that guest connections are not allowed unless the smb.conf parameter
1263 "usershare allow guests" has been set. The definition of a user
1264 defined share acl is : "user:permission", where user is a valid
1265 username on the system and permission can be "F", "R", or "D".
1266 "F" stands for "full permissions", ie. read and write permissions.
1267 "D" stands for "deny" for a user, ie. prevent this user from accessing
1269 "R" stands for "read only", ie. only allow read access to this
1270 share (no creation of new files or directories or writing to files).
1274 The default if no "acl" is given is "Everyone:R", which means any
1275 authenticated user has read-only access.
1279 The optional "guest_ok" has the same effect as the parameter of the
1280 same name in smb.conf, in that it allows guest access to this user
1281 defined share. This parameter is only allowed if the global parameter
1282 "usershare allow guests" has been set to true in the smb.conf.
1285 There is no separate command to modify an existing user defined share,
1286 just use the "net usershare add [sharename]" command using the same
1287 sharename as the one you wish to modify and specify the new options
1288 you wish. The Samba smbd daemon notices user defined share modifications
1289 at connect time so will see the change immediately, there is no need
1290 to restart smbd on adding, deleting or changing a user defined share.
1294 <title>USERSHARE DELETE <replaceable>sharename</replaceable></title>
1297 Deletes the user defined share by name. The Samba smbd daemon
1298 immediately notices this change, although it will not disconnect
1299 any users currently connected to the deleted share.
1305 <title>USERSHARE INFO <replaceable>[-l|--long]</replaceable> <replaceable>[wildcard sharename]</replaceable></title>
1308 Get info on user defined shares owned by the current user matching the given pattern, or all users.
1312 net usershare info on its own dumps out info on the user defined shares that were
1313 created by the current user, or restricts them to share names that match the given
1314 wildcard pattern ('*' matches one or more characters, '?' matches only one character).
1315 If the '-l' or '--long' option is also given, it prints out info on user defined
1316 shares created by other users.
1320 The information given about a share looks like :
1325 usershare_acl=Everyone:F
1328 And is a list of the current settings of the user defined share that can be
1329 modified by the "net usershare add" command.
1335 <title>USERSHARE LIST <replaceable>[-l|--long]</replaceable> <replaceable>wildcard sharename</replaceable></title>
1338 List all the user defined shares owned by the current user matching the given pattern, or all users.
1342 net usershare list on its own list out the names of the user defined shares that were
1343 created by the current user, or restricts the list to share names that match the given
1344 wildcard pattern ('*' matches one or more characters, '?' matches only one character).
1345 If the '-l' or '--long' option is also given, it includes the names of user defined
1346 shares created by other users.
1354 <title>HELP [COMMAND]</title>
1356 <para>Gives usage information for the specified command.</para>
1363 <title>VERSION</title>
1365 <para>This man page is complete for version 3.0 of the Samba
1370 <title>AUTHOR</title>
1372 <para>The original Samba software and related utilities
1373 were created by Andrew Tridgell. Samba is now developed
1374 by the Samba Team as an Open Source project similar
1375 to the way the Linux kernel is developed.</para>
1377 <para>The net manpage was written by Jelmer Vernooij.</para>
git.samba.org / bbaumbach / samba-autobuild / .git / blob