net |
The net command, new to Samba 3.0, is a program with a syntax similar to the MS-DOS/Windows command of the same name . It is used for performing various administrative functions related to Windows networking, which can be executed either locally or on a remote system.
net [method] function [misc_options] [target_options]
The function argument is made up of one or more space-separated words. In Windows terminology, it is sometimes referred to as a function with options. Here we list every function in its complete form, including multiple words.
By default, the action is performed on the local system. The target_options argument can be used to specify a remote system (either by hostname or IP address), a domain, or a workgroup.
Depending on the function, the method argument can be optional, required, or disallowed . It specifies one of three methods for performing the operation specified by the rest of the command. It can be ads (Active Directory), rpc (Microsoft's DCE/RPC), or rap (Microsoft's original SMB remote procedure call). To determine which methods (if any) can be used with a function, the net help ads , net help rap , and net help rpc commands can be used to list the functions for each method.
Sets the debug (sometimes called logging) level. The level can range from 0 to 10.
S pecifies the long listing mode. This is provided for functions that print informational listings.
Specifies the NetBIOS name for the client.
Specifies the port number to use.
Specifies the name of the Samba configuration file, overriding the compiled-in default.
Specifies the username and, optionally , the password to use for functions that require authentication.
Specifies the name of the client's workgroup, overriding the definition of the workgroup parameter in the Samba configuration file.
Specifies the remote system using a hostname or NetBIOS name.
Specifies the remote system using its IP address.
Specifies the name of the target domain or workgroup.
See the rpc abortshutdown function.
Prints information about the Active Directory server. The method ( ads ) must be specified to differentiate this function from the rpc info function.
Joins the local system to the Active Directory realm (organizational unit) specified by OU. The method ( ads ) must be specified to differentiate this function from the rpc join function.
Removes the local system from the Active Directory realm.
Changes the Active Directory password for the user specified by username @ REALM . The administrative account authentication information is specified with the -U option. The Active Directory realm must be supplied in all uppercase.
Prints information on the specified printer on the specified server. The printer argument defaults to an asterisk ( * ), meaning all printers, and the server argument defaults to localhost .
Publishes the specified printer in Active Directory.
Removes the specified printer from Active Directory.
Performs a raw Active Directory search, using the standard LDAP search expression and attributes specified by the expr and attrib arguments, respectively.
Prints details about the Active Directory computer account of the system.
Changes the Active Directory password for the local system's computer trust account.
Lists the domains or workgroups on the network.
Lists open files on the server.
Closes the specified file.
Prints information about the specified file, which must be open.
Lists all files opened on the server by the user specified by username .
Adds the specified group. This function accepts the miscellaneous option -C comment (which can also be specified as - -comment= string ) to set the descriptive comment for the group.
Deletes the specified group.
Adds the user specified by username to the group specified by group_name .
Deletes the user specified by username from the group specified by group_name .
Lists the users who are members of the specified group.
Prints a help message for the net command.
Prints a help message for method , which can be ads , rap , or rpc . This lists the functions that can use the method, along with a brief description.
Prints a help message for the specified function, which can be more than one word.
Must be preceded by a method. See the ads info and rpc info functions.
Joins the computer to a Windows NT domain or Active Directory realm. If the method argument is not specified, a check is made to determine if Active Directory is in use, and if so, ads join is performed. Otherwise, rpc join is run. See also the ads join and rpc join functions.
Must be preceded by a method. See the ads leave function.
Prints the IP address of the specified domain's domain controllers. The domain defaults to the value of the workgroup parameter in the Samba configuration file.
Prints the IP address of the specified host.
Prints the IP address of the specified realm's Kerberos domain controller. If realm is not specified, it defaults to the value of the realm parameter in the Samba configuration file.
Prints the IP address of the specified domain's LDAP server. If domain is not specified, it defaults to the value of the workgroup parameter in the Samba configuration file.
Prints the IP address of the master browser of the specified domain or workgroup. If domain is not specified, it defaults to the value of the workgroup parameter in the Samba configuration file.
Changes the password for the user specified by the username argument. The user's old and new passwords are provided in plain text as part of the command. Be careful regarding security issues. See also the ads password function.
See the ads printer info function.
See the ads printer publish function.
See the ads printer remove function.
Prints information (including the job IDs) about printer queues on the server.
Deletes the specified printer queue. The -j job_id (which can also be specified as --jobid = job_id ) option may be used to specify the job ID of the queue.
Aborts the shutdown of a remote server.
Prints information about the server's domain. The method ( rpc ) must be specified to differentiate this function from the ads info function.
Joins a computer to a Windows NT domain. If the -U username % password option is included, the specified username and password will be used as the administrative account required for authenticating with the PDC. If the -U option is not included, this function can be used only to join the computer to the domain after the computer account has been created using the Server Manager. The method ( rpc ) must be specified to differentiate this function from the ads join function.
Shuts down a server. This function accepts the -r , -f , -t , and -c miscellaneous options. The -r option (which can also be specified as --reboot ) requests that the system reboot after shutting down. The -f option (which can also be specified as --force ) forces a shutdown. The -t timeout option (which can also be specified as - -timeout= number ) specifies the number of seconds to wait before shutting down, and the -c comment option (which can also be specified as - -comment= string ) can be used to specify a message to the client user. On Windows, the comment appears in the Message area in the System Shutdown dialog box.
Adds an account for the trust relationship with the specified Windows NT domain.
Establishes a trust relationship with the specified Windows NT domain.
Revokes the trust relationship with the specified Windows NT domain.
See the ads search function.
Lists servers in the domain or workgroup, which defaults to the value of the workgroup parameter in the Samba configuration file.
Lists clients with open sessions to the server.
Closes the session to the server from the specified client. A synonym is session close .
A synonym for session delete .
Lists the shares offered by the server. When a Windows 95/98/Me server is the target system, it might be necessary to specify the method as rap for this to work properly.
Adds a share on the target server. The name of the share and the folder to be shared are specified by the share_name = server_path argument, with server_path the Windows directory name, with spaces and other special characters (if any) quoted and with the backslashes escaped (e.g., " data=C:\\Documents and Settings\\jay\\Desktop\\data "). The -C comment option (which can also be specified as - -comment= string ) can be used to define a description for the share. The -M number option (which can also be specified as --maxusers= number ) can be used to set the maximum number of users that can connect to the share. The method ( rap or rpc ) might need to be specified for this function to work. The regular folder icon cannot change into a "shared folder" icon in Windows Explorer until the display is refreshed.
Deletes a share from the target server. The share_name argument is simply the name of the share on the target server, not a UNC. The method ( rap or rpc ) might need to be specified for this function to work. The "shared folder" icon in Windows Explorer cannot change back to the regular folder icon until the display is refreshed.
See the rpc shutdown function.
See the ads status function.
Displays the system timein Unix date command formaton the target system.
Sets the local system's hardware clock using the time obtained from the operating system.
Sets the time on the local system using the time obtained from the remote system.
Prints the time zone (in hours from GMT) in use on the system.
See the rpc trustdom add function.
See the rpc trustdom establish function.
See the rpc trustdom revoke function.
Lists user accounts. The method can be specified as ads , rap , or rpc .
Adds a user account for the user specified by username . The -c comment option (which can also be specified as - -comment= string ) can be used to set a comment for the account. The -F user_flags option can be used to set flags (specified in numeric format) for the account. The method can be specified as ads , rap , or rpc .
Deletes the specified user's account. The method can be specified as ads , rap , or rpc .
Lists the domain groups to which the specified user belongs. The method can be specified as ads , rap , or rpc .