1 .\" This manpage has been automatically generated by docbook2man
2 .\" from a DocBook document. This tool can be found at:
3 .\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
4 .\" Please send any bug reports, improvements, comments, patches,
5 .\" etc. to Steve Cheng <steve@ggi-project.org>.
6 .TH "RPCCLIENT" "1" "07 april 2003" "" ""
9 rpcclient \- tool for executing client side MS-RPC functions
12 \fBrpcclient\fR [ \fB-A authfile\fR ] [ \fB-c <command string>\fR ] [ \fB-d debuglevel\fR ] [ \fB-h\fR ] [ \fB-l logfile\fR ] [ \fB-N\fR ] [ \fB-s <smb config file>\fR ] [ \fB-U username[%password]\fR ] [ \fB-W workgroup\fR ] [ \fB-N\fR ] [ \fB-I destinationIP\fR ] \fBserver\fR
16 This tool is part of the \fBSamba\fR(7) suite.
18 \fBrpcclient\fR is a utility initially developed
19 to test MS-RPC functionality in Samba itself. It has undergone
20 several stages of development and stability. Many system administrators
21 have now written scripts around it to manage Windows NT clients from
22 their UNIX workstation.
26 NetBIOS name of Server to which to connect.
27 The server can be any SMB/CIFS server. The name is
28 resolved using the \fIname resolve order\fR line from \fBsmb.conf\fR(5).
30 \fB-c|--command='command string'\fR
31 execute semicolon separated commands (listed
35 \fIIP address\fR is the address of the server to connect to.
36 It should be specified in standard "a.b.c.d" notation.
38 Normally the client would attempt to locate a named
39 SMB/CIFS server by looking it up via the NetBIOS name resolution
40 mechanism described above in the \fIname resolve order\fR
41 parameter above. Using this parameter will force the client
42 to assume that the server is on the machine with the specified IP
43 address and the NetBIOS name component of the resource being
44 connected to will be ignored.
46 There is no default for this parameter. If not supplied,
47 it will be determined automatically by the client as described
51 Prints the version number for
54 \fB-s <configuration file>\fR
55 The file specified contains the
56 configuration details required by the server. The
57 information in this file includes server-specific
58 information such as what printcap file to use, as well
59 as descriptions of all the services that the server is
60 to provide. See \fIsmb.conf(5)\fR for more information.
61 The default configuration file name is determined at
64 \fB-d|--debug=debuglevel\fR
65 \fIdebuglevel\fR is an integer
66 from 0 to 10. The default value if this parameter is
67 not specified is zero.
69 The higher this value, the more detail will be
70 logged to the log files about the activities of the
71 server. At level 0, only critical errors and serious
72 warnings will be logged. Level 1 is a reasonable level for
73 day to day running - it generates a small amount of
74 information about operations carried out.
76 Levels above 1 will generate considerable
77 amounts of log data, and should only be used when
78 investigating a problem. Levels above 3 are designed for
79 use only by developers and generate HUGE amounts of log
80 data, most of which is extremely cryptic.
82 Note that specifying this parameter here will
86 \fB-l|--logfile=logbasename\fR
87 File name for log/debug files. The extension
88 ".client" will be appended. The log file is
89 never removed by the client.
92 If specified, this parameter suppresses the normal
93 password prompt from the client to the user. This is useful when
94 accessing a service that does not require a password.
96 Unless a password is specified on the command line or
97 this parameter is specified, the client will request a
101 Try to authenticate with kerberos. Only useful in
102 an Active Directory environment.
104 \fB-A|--authfile=filename\fR
106 you to specify a file from which to read the username and
107 password used in the connection. The format of the file is
116 Make certain that the permissions on the file restrict
117 access from unwanted users.
119 \fB-U|--user=username[%password]\fR
120 Sets the SMB username or username and password.
122 If %password is not specified, the user will be prompted. The
123 client will first check the \fBUSER\fR environment variable, then the
124 \fBLOGNAME\fR variable and if either exists, the
125 string is uppercased. If these environmental variables are not
126 found, the username GUEST is used.
128 A third option is to use a credentials file which
129 contains the plaintext of the username and password. This
130 option is mainly provided for scripts where the admin does not
131 wish to pass the credentials on the command line or via environment
132 variables. If this method is used, make certain that the permissions
133 on the file restrict access from unwanted users. See the
134 \fI-A\fR for more details.
136 Be cautious about including passwords in scripts. Also, on
137 many systems the command line of a running process may be seen
138 via the \fBps\fR command. To be safe always allow
139 \fBrpcclient\fR to prompt for a password and type
142 \fB-n <primary NetBIOS name>\fR
143 This option allows you to override
144 the NetBIOS name that Samba uses for itself. This is identical
145 to setting the \fINetBIOS
146 name\fR parameter in the \fBsmb.conf\fR(5) file. However, a command
147 line setting will take precedence over settings in
151 This specifies a NetBIOS scope that
152 \fBnmblookup\fR will use to communicate with when
153 generating NetBIOS names. For details on the use of NetBIOS
154 scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes are
155 \fBvery\fR rarely used, only set this parameter
156 if you are the system administrator in charge of all the
157 NetBIOS systems you communicate with.
159 \fB-W|--workgroup=domain\fR
160 Set the SMB domain of the username. This
161 overrides the default domain which is the domain defined in
162 smb.conf. If the domain specified is the same as the servers
163 NetBIOS name, it causes the client to log on using the servers local
164 SAM (as opposed to the Domain SAM).
166 \fB-O socket options\fR
167 TCP socket options to set on the client
168 socket. See the socket options parameter in
169 the \fBsmb.conf\fR(5) manual page for the list of valid
173 Print a summary of command line options.
182 of SIDs to usernames.
186 of usernames to SIDs.
189 Enumerate trusted domains
195 Get the privilege name
198 Enumerate the LSA SIDS
200 \fBlsaenumprivsaccount\fR
201 Enumerate the privileges of an SID
203 \fBlsaenumacctrights\fR
204 Enumerate the rights of an SID
206 \fBlsaenumacctwithright\fR
207 Enumerate accounts with a right
209 \fBlsaaddacctrights\fR
210 Add rights to an account
212 \fBlsaremoveacctrights\fR
213 Remove rights from an account
215 \fBlsalookupprivvalue\fR
216 Get a privilege value given its name
219 Query LSA security object
223 Get Primary Domain Information
261 Fetch remote time of day
270 \fBqueryusergroups\fR
274 Query group membership
277 Query alias membership
286 Enumerate domain users
289 Enumerate domain groups
292 Enumerate alias groups
307 Query SAMR security object
310 Retrieve domain password info
316 \fBadddriver <arch> <config>\fR
317 Execute an AddPrinterDriver() RPC to install the printer driver
318 information on the server. Note that the driver files should
319 already exist in the directory returned by
320 \fBgetdriverdir\fR. Possible values for
321 \fIarch\fR are the same as those for
322 the \fBgetdriverdir\fR command.
323 The \fIconfig\fR parameter is defined as
333 Language Monitor Name:\\
335 Comma Separated list of Files
338 Any empty fields should be enter as the string "NULL".
340 Samba does not need to support the concept of Print Monitors
341 since these only apply to local printers whose driver can make
342 use of a bi-directional link for communication. This field should
343 be "NULL". On a remote NT print server, the Print Monitor for a
344 driver must already be installed prior to adding the driver or
345 else the RPC will fail.
347 \fBaddprinter <printername> <sharename> <drivername> <port>\fR
348 Add a printer on the remote server. This printer
349 will be automatically shared. Be aware that the printer driver
350 must already be installed on the server (see \fBadddriver\fR)
351 and the \fIport\fRmust be a valid port name (see
356 specified printer driver for all architectures. This
357 does not delete the actual driver files from the server,
358 only the entry from the server's list of drivers.
362 printer setting data stored on the server. On Windows NT clients,
363 these values are stored in the registry, while Samba servers
364 store them in the printers TDB. This command corresponds
365 to the MS Platform SDK GetPrinterData() function (* This
366 command is currently unimplemented).
369 Enumerate printer data for a key
371 \fBenumjobs <printer>\fR
372 List the jobs and status of a given printer.
373 This command corresponds to the MS Platform SDK EnumJobs()
377 Enumerate printer keys
379 \fBenumports [level]\fR
380 Executes an EnumPorts() call using the specified
381 info level. Currently only info levels 1 and 2 are supported.
383 \fBenumdrivers [level]\fR
384 Execute an EnumPrinterDrivers() call. This lists the various installed
385 printer drivers for all architectures. Refer to the MS Platform SDK
386 documentation for more details of the various flags and calling
387 options. Currently supported info levels are 1, 2, and 3.
389 \fBenumprinters [level]\fR
390 Execute an EnumPrinters() call. This lists the various installed
391 and share printers. Refer to the MS Platform SDK documentation for
392 more details of the various flags and calling options. Currently
393 supported info levels are 0, 1, and 2.
395 \fBgetdata <printername> <valuename;>\fR
396 Retrieve the data for a given printer setting. See
397 the \fBenumdata\fR command for more information.
398 This command corresponds to the GetPrinterData() MS Platform
402 Get printer driver data with keyname
404 \fBgetdriver <printername>\fR
405 Retrieve the printer driver information (such as driver file,
406 config file, dependent files, etc...) for
407 the given printer. This command corresponds to the GetPrinterDriver()
408 MS Platform SDK function. Currently info level 1, 2, and 3 are supported.
410 \fBgetdriverdir <arch>\fR
411 Execute a GetPrinterDriverDirectory()
412 RPC to retrieve the SMB share name and subdirectory for
413 storing printer driver files for a given architecture. Possible
414 values for \fIarch\fR are "Windows 4.0"
415 (for Windows 95/98), "Windows NT x86", "Windows NT PowerPC", "Windows
416 Alpha_AXP", and "Windows NT R4000".
418 \fBgetprinter <printername>\fR
419 Retrieve the current printer information. This command
420 corresponds to the GetPrinter() MS Platform SDK function.
422 \fBgetprintprocdir\fR
423 Get print processor directory
425 \fBopenprinter <printername>\fR
426 Execute an OpenPrinterEx() and ClosePrinter() RPC
427 against a given printer.
429 \fBsetdriver <printername> <drivername>\fR
430 Execute a SetPrinter() command to update the printer driver
431 associated with an installed printer. The printer driver must
432 already be correctly installed on the print server.
434 See also the \fBenumprinters\fR and
435 \fBenumdrivers\fR commands for obtaining a list of
436 of installed printers and drivers.
457 Set REG_SZ printer data
477 .SS "GENERAL COMMANDS"
481 debug level used to log information.
484 Print a listing of all
485 known commands or extended help on a particular command.
492 \fBrpcclient\fR is designed as a developer testing tool
493 and may not be robust in certain areas (such as command line parsing).
494 It has been known to generate a core dump upon failures when invalid
495 parameters where passed to the interpreter.
497 From Luke Leighton's original rpcclient man page:
499 \fBWARNING!\fR The MSRPC over SMB code has
500 been developed from examining Network traces. No documentation is
501 available from the original creators (Microsoft) on how MSRPC over
502 SMB works, or how the individual MSRPC services work. Microsoft's
503 implementation of these services has been demonstrated (and reported)
504 to be... a bit flaky in places.
506 The development of Samba's implementation is also a bit rough,
507 and as more of the services are understood, it can even result in
508 versions of \fBsmbd\fR(8) and \fBrpcclient\fR(1) that are incompatible for some commands or services. Additionally,
509 the developers are sending reports to Microsoft, and problems found
510 or reported to Microsoft are fixed in Service Packs, which may
511 result in incompatibilities.
514 This man page is correct for version 3.0 of the Samba
518 The original Samba software and related utilities
519 were created by Andrew Tridgell. Samba is now developed
520 by the Samba Team as an Open Source project similar
521 to the way the Linux kernel is developed.
523 The original rpcclient man page was written by Matthew
524 Geddes, Luke Kenneth Casson Leighton, and rewritten by Gerald Carter.
525 The conversion to DocBook for Samba 2.2 was done by Gerald
526 Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was
527 done by Alexander Bokovoy.