Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SAMBA-TOOL(8)		  System Administration	tools		 SAMBA-TOOL(8)

NAME
       samba-tool - Main Samba administration tool.

SYNOPSIS
       samba-tool [-h] [-W myworkgroup]	[-U user] [-d debuglevel] [--v]

DESCRIPTION
       This tool is part of the	samba(7) suite.

OPTIONS
       -h|--help
	   Show	this help message and exit

       --realm=REALM
	   Set the realm name

       --simple-bind-dn=DN
	   DN to use for a simple bind

       --password=PASSWORD
	   Password

       -U USERNAME|--username=USERNAME
	   Username

       -W WORKGROUP|--workgroup=WORKGROUP
	   Workgroup

       -N|--no-pass
	   Don't ask for a password

       -k KERBEROS|--kerberos=KERBEROS
	   Use Kerberos

       --ipaddress=IPADDRESS
	   IP address of the server

COMMANDS
   dbcheck
       Check the local AD database for errors.

   delegation
       Manage Delegations.

   delegation add-service accountname principal	[options]
       Add a service principal as msDS-AllowedToDelegateTo.

   delegation del-service accountname principal	[options]
       Delete a	service	principal as msDS-AllowedToDelegateTo.

   delegation for-any-protocol accountname [(on|off)] [options]
       Set/unset UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION (S4U2Proxy) for an
       account.

   delegation for-any-service accountname [(on|off)] [options]
       Set/unset UF_TRUSTED_FOR_DELEGATION for an account.

   delegation show accountname [options]
       Show the	delegation setting of an account.

   dns
       Manage Domain Name Service (DNS).

   dns add server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT data
       Add a DNS record.

   dns delete server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT data
       Delete a	DNS record.

   dns query server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT|ALL [options]
       data
       Query a name.

   dns roothints server	[name] [options]
       Query root hints.

   dns serverinfo server [options]
       Query server information.

   dns update server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT olddata newdata
       Update a	DNS record.

   dns zonecreate server zone [options]
       Create a	zone.

   dns zonedelete server zone [options]
       Delete a	zone.

   dns zoneinfo	server zone [options]
       Query zone information.

   dns zonelist	server [options]
       List zones.

   domain
       Manage Domain.

   domain classicupgrade [options] classic_smb_conf
       Upgrade from Samba classic (NT4-like) database to Samba AD DC database.

   domain dcpromo dnsdomain [DC|RODC] [options]
       Promote an existing domain member or NT4	PDC to an AD DC.

   domain demote
       Demote ourselves	from the role of domain	controller.

   domain exportkeytab keytab [options]
       Dumps Kerberos keys of the domain into a	keytab.

   domain info ip_address [options]
       Print basic info	about a	domain and the specified DC.

   domain join dnsdomain [DC|RODC|MEMBER|SUBDOMAIN] [options]
       Join a domain as	either member or backup	domain controller.

   domain level	show|raise options [options]
       Show/raise domain and forest function levels.

   domain passwordsettings show|set options [options]
       Show/set	password settings.

   domain provision
       Promote an existing domain member or NT4	PDC to an AD DC.

   domain trust
       Domain and forest trust management.

   domain trust	create DOMAIN options [options]
       Create a	domain or forest trust.

   domain trust	delete DOMAIN options [options]
       Delete a	domain trust.

   domain trust	list options [options]
       List domain trusts.

   domain trust	namespaces [DOMAIN] options [options]
       Manage forest trust namespaces.

   domain trust	show DOMAIN options [options]
       Show trusted domain details.

   domain trust	validate DOMAIN	options	[options]
       Validate	a domain trust.

   drs
       Manage Directory	Replication Services (DRS).

   drs bind
       Show DRS	capabilities of	a server.

   drs kcc
       Trigger knowledge consistency center run.

   drs options
       Query or	change options for NTDS	Settings object	of a domain
       controller.

   drs replicate destination_DC	source_DC NC [options]
       Replicate a naming context between two DCs.

   drs showrepl
       Show replication	status.

   dsacl
       Administer DS ACLs

   dsacl set
       Modify access list on a directory object.

   fsmo
       Manage Flexible Single Master Operations	(FSMO).

   fsmo	seize [options]
       Seize the role.

   fsmo	show
       Show the	roles.

   fsmo	transfer [options]
       Transfer	the role.

   gpo
       Manage Group Policy Objects (GPO).

   gpo create displayname [options]
       Create an empty GPO.

   gpo del gpo [options]
       Delete GPO.

   gpo dellink container_dn gpo	[options]
       Delete GPO link from a container.

   gpo fetch gpo [options]
       Download	a GPO.

   gpo getinheritance container_dn [options]
       Get inheritance flag for	a container.

   gpo getlink container_dn [options]
       List GPO	Links for a container.

   gpo list username [options]
       List GPOs for an	account.

   gpo listall
       List all	GPOs.

   gpo listcontainers gpo [options]
       List all	linked containers for a	GPO.

   gpo setinheritance container_dn block|inherit [options]
       Set inheritance flag on a container.

   gpo setlink container_dn gpo	[options]
       Add or Update a GPO link	to a container.

   gpo show gpo	[options]
       Show information	for a GPO.

   group
       Manage groups.

   group add groupname [options]
       Create a	new AD group.

   group addmembers groupname members [options]
       Add members to an AD group.

   group delete	groupname [options]
       Delete an AD group.

   group list
       List all	groups.

   group listmembers groupname [options]
       List all	members	of the specified AD group.

   group removemembers groupname members [options]
       Remove members from the specified AD group.

   ldapcmp URL1	URL2 domain|configuration|schema|dnsdomain|dnsforest [options]
       Compare two LDAP	databases.

   ntacl
       Manage NT ACLs.

   ntacl get file [options]
       Get ACLs	on a file.

   ntacl set acl file [options]
       Set ACLs	on a file.

   ntacl sysvolcheck
       Check sysvol ACLs match defaults	(including correct ACLs	on GPOs).

   ntacl sysvolreset
       Reset sysvol ACLs to defaults (including	correct	ACLs on	GPOs).

   rodc
       Manage Read-Only	Domain Controller (RODC).

   rodc	preload	SID|DN|accountname [options]
       Preload one account for an RODC.

   sites
       Manage sites.

   sites create	site [options]
       Create a	new site.

   sites remove	site [options]
       Delete an existing site.

   spn
       Manage Service Principal	Names (SPN).

   spn add name	user [options]
       Create a	new SPN.

   spn delete name [user] [options]
       Delete an existing SPN.

   spn list user [options]
       List SPNs of a given user.

   testparm
       Check the syntax	of the configuration file.

   time
       Retrieve	the time on a server.

   user
       Manage users.

   user	add username [password]
       Create a	new user. Please note that this	subcommand is deprecated and
       available for compatibility reasons only. Please	use samba-tool user
       create instead.

   user	create username	[password]
       Create a	new user in the	Active Directory Domain.

   user	delete username	[options]
       Delete an existing user account.

   user	disable	username
       Disable an user account.

   user	enable username
       Enable an user account.

   user	list
       List all	users.

   user	password [options]
       Change password for an user account (the	one provided in
       authentication).

   user	setexpiry username [options]
       Set the expiration of an	user account.

   user	setpassword username [options]
       Sets or resets the password of an user account.

   user	getpassword username [options]
       Gets the	password of an user account.

   user	syncpasswords --cache-ldb-initialize [options]
       Syncs the passwords of all user accounts, using an optional script.

       Note that this command should run on a single domain controller only
       (typically the PDC-emulator).

   vampire [options] domain
       Join and	synchronise a remote AD	domain to the local server. Please
       note that samba-tool vampire is deprecated, please use samba-tool
       domain join instead.

   help
       Gives usage information.

VERSION
       This man	page is	complete for version 4 of the Samba suite.

AUTHOR
       The original Samba software and related utilities were created by
       Andrew Tridgell.	Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

       The samba-tool manpage was written by Karolin Seeger.

Samba 4.6			  05/23/2017			 SAMBA-TOOL(8)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | COMMANDS | VERSION | AUTHOR

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=samba-tool&sektion=8&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help