Главная » Электроника

Command line linux net

На чтение 25 мин Обновлено
Содержание
  1. 22 Linux Networking Commands for Sysadmin
  2. On this page
  3. Network Configuration, Troubleshooting, and Debugging Tools
  4. 1. ifconfig Command
  5. 2. IP Command
  6. 3. ifup, ifdown, and ifquery command
  7. 4. Ethtool Command
  8. 5. Ping Command
  9. 6. Traceroute Command
  10. 7. MTR Network Diagnostic Tool
  11. 8. Route Command
  12. 9. Nmcli Command
  13. Network Scanning and Performance Analysis Tools
  14. 10. Netstat Command
  15. 11. ss Command
  16. 12. NC Command
  17. 13. Nmap Command
  18. DNS Lookup Utilities
  19. 14. host Command
  20. 15. dig Command
  21. 16. NSLookup Command
  22. Linux Network Packet Analyzers
  23. 17. Tcpdump Command
  24. 18. Wireshark Utility
  25. 19. Bmon Tool
  26. Linux Firewall Management Tools
  27. 20. Iptables Firewall
  28. 21. Firewalld
  29. 22. UFW (Uncomplicated Firewall)
  30. If You Appreciate What We Do Here On TecMint, You Should Consider:
  31. net — Unix, Linux Command
  32. SYNOPSIS
  33. DESCRIPTION
  34. OPTIONS
  35. COMMANDS
  36. CHANGESECRETPW
  37. TIME SYSTEM
  38. TIME SET
  39. TIME ZONE
  40. [RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]
  41. [RPC] OLDJOIN [options]
  42. [RPC|ADS] USER
  43. [RPC|ADS] USER
  44. [RPC|ADS] USER DELETE target
  45. [RPC|ADS] USER INFO target
  46. [RPC|ADS] USER RENAME oldname newname
  47. [RPC|ADS] USER ADD name [password] [-F user flags] [-C comment]
  48. [RPC|ADS] GROUP
  49. [RPC|ADS] GROUP [misc options] [targets]
  50. [RPC|ADS] GROUP DELETE name [misc. options]
  51. [RPC|ADS] GROUP ADD name [-C comment]
  52. [RAP|RPC] SHARE
  53. [RAP|RPC] SHARE [misc. options] [targets]
  54. [RAP|RPC] SHARE ADD name=serverpath [-C comment] [-M maxusers] [targets]
  55. SHARE DELETE sharename
  56. [RPC|RAP] FILE
  57. [RPC|RAP] FILE
  58. [RPC|RAP] FILE CLOSE fileid
  59. [RPC|RAP] FILE INFO fileid
  60. [RAP|RPC] FILE USER user
  61. SESSION
  62. RAP SESSION
  63. RAP SESSION DELETE|CLOSE CLIENT_NAME
  64. RAP SESSION INFO CLIENT_NAME
  65. RAP SERVER DOMAIN
  66. RAP DOMAIN
  67. RAP PRINTQ
  68. RAP PRINTQ LIST QUEUE_NAME
  69. RAP PRINTQ DELETE JOBID
  70. RAP VALIDATE user [password]
  71. RAP GROUPMEMBER
  72. RAP GROUPMEMBER LIST GROUP
  73. RAP GROUPMEMBER DELETE GROUP USER
  74. RAP GROUPMEMBER ADD GROUP USER
  75. RAP ADMIN command
  76. RAP SERVICE
  77. RAP SERVICE START NAME [arguments. ]
  78. RAP SERVICE STOP
  79. RAP PASSWORD USER OLDPASS NEWPASS
  80. LOOKUP
  81. LOOKUP HOST HOSTNAME [TYPE]
  82. LOOKUP LDAP [DOMAIN]
  83. LOOKUP KDC [REALM]
  84. LOOKUP DC [DOMAIN]
  85. LOOKUP MASTER DOMAIN
  86. CACHE
  87. CACHE ADD key data time-out
  88. CACHE DEL key
  89. CACHE SET key data time-out
  90. CACHE SEARCH PATTERN
  91. CACHE LIST
  92. CACHE FLUSH
  93. GETLOCALSID [DOMAIN]
  94. SETLOCALSID S-1-5-21-x-y-z
  95. GETDOMAINSID
  96. SETDOMAINSID
  97. GROUPMAP
  98. GROUPMAP ADD
  99. GROUPMAP DELETE
  100. GROUPMAP MODIFY
  101. GROUPMAP LIST
  102. MAXRID
  103. RPC INFO
  104. [RPC|ADS] TESTJOIN
  105. [RPC|ADS] CHANGETRUSTPW
  106. RPC TRUSTDOM
  107. RPC TRUSTDOM ADD DOMAIN
  108. RPC TRUSTDOM DEL DOMAIN
  109. RPC TRUSTDOM ESTABLISH DOMAIN
  110. RPC TRUSTDOM REVOKE DOMAIN
  111. RPC TRUSTDOM LIST
  112. RPC RIGHTS
  113. RPC ABORTSHUTDOWN
  114. RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]
  115. RPC SAMDUMP
  116. RPC VAMPIRE
  117. RPC GETSID
  118. ADS LEAVE
  119. ADS STATUS
  120. ADS PRINTER
  121. ADS PRINTER INFO [PRINTER] [SERVER]
  122. ADS PRINTER PUBLISH PRINTER
  123. ADS PRINTER REMOVE PRINTER
  124. ADS SEARCH EXPRESSION ATTRIBUTES.
  125. ADS DN DN (attributes)
  126. ADS WORKGROUP
  127. SAM CREATEBUILTINGROUP
  128. SAM CREATELOCALGROUP
  129. SAM DELETELOCALGROUP
  130. SAM MAPUNIXGROUP
  131. SAM UNMAPUNIXGROUP
  132. SAM ADDMEM
  133. SAM DELMEM
  134. SAM LISTMEM
  135. SAM LIST [verbose]
  136. SAM SHOW
  137. SAM SET HOMEDIR
  138. SAM SET PROFILEPATH
  139. SAM SET COMMENT

22 Linux Networking Commands for Sysadmin

A system administrator’s routine tasks include configuring, maintaining, troubleshooting, and managing servers and networks within data centers. There are numerous tools and utilities in Linux designed for administrative purposes.

In this article, we will review some of the most used command-line tools and utilities for network management in Linux, under different categories. We will explain some common usage examples, which will make network management much easier in Linux.

On this page

This list is equally useful to full-time Linux network engineers.

Network Configuration, Troubleshooting, and Debugging Tools

1. ifconfig Command

ifconfig is a command-line interface tool for network interface configuration and is also used to initialize interfaces at system boot time. Once a server is up and running, it can be used to assign an IP Address to an interface and enable or disable the interface on demand.

It is also used to view the IP Address, Hardware / MAC address, as well as MTU (Maximum Transmission Unit) size of the currently active interfaces. ifconfig is thus useful for debugging or performing system tuning.

Here is an example to display the status of all active network interfaces.

To list all interfaces which are currently available, whether up or down, use the -a flag.

To assign an IP address to an interface, use the following command.

To activate a network interface, type.

To deactivate or shut down a network interface, type.

Note: Although ifconfig is a great tool, it is now obsolete (deprecated), its replacement is the ip command which is explained below.

2. IP Command

ip command is another useful command-line utility for displaying and manipulating routing, network devices, interfaces. It is a replacement for ifconfig and many other networking commands. (Read our article “What’s Difference Between ifconfig and ip Command” to learn more about it.)

The following command will show the IP address and other information about a network interface.

To temporarily assign IP Address to a specific network interface (eth0), type.

To remove an assigned IP address from a network interface (eth0), type.

To show the current neighbor table in the kernel, type.

3. ifup, ifdown, and ifquery command

ifup command actives a network interface, making it available to transfer and receive data.

ifdown command disables a network interface, keeping it in a state where it cannot transfer or receive data.

ifquery command used to parse the network interface configuration, enabling you to receive answers to query about how it is currently configured.

4. Ethtool Command

ethtool is a command-line utility for querying and modifying network interface controller parameters and device drivers. The example below shows the usage of ethtool and a command to view the parameters for the network interface.

5. Ping Command

ping (Packet INternet Groper) is a utility normally used for testing connectivity between two systems on a network (Local Area Network (LAN) or Wide Area Network (WAN)). It uses ICMP (Internet Control Message Protocol) to communicate to nodes on a network.

To test connectivity to another node, simply provide its IP or hostname, for example.

You can also tell ping to exit after a specified number of ECHO_REQUEST packets, using the -c flag as shown.

6. Traceroute Command

Traceroute is a command-line utility for tracing the full path from your local system to another network system. It prints a number of hops (router IPs) in that path you travel to reach the end server. It is an easy-to-use network troubleshooting utility after the ping command.

In this example, we are tracing the route packets take from the local system to one of Google’s servers with IP address 216.58.204.46.

7. MTR Network Diagnostic Tool

MTR is a modern command-line network diagnostic tool that combines the functionality of ping and traceroute into a single diagnostic tool. Its output is updated in real-time, by default until you exit the program by pressing q .

The easiest way of running mtr is to provide it a hostname or IP address as an argument, as follows.

Sample Output

You can limit the number of pings to a specific value and exit mtr after those pings, using the -c flag as shown.

8. Route Command

The route is a command-line utility for displaying or manipulating the IP routing table of a Linux system. It is mainly used to configure static routes to specific hosts or networks via an interface.

You can view the Kernel IP routing table by typing.

There are numerous commands you can use to configure routing. Here are some useful ones:

Add a default gateway to the routing table.

Add a network route to the routing table.

Читайте также:  0x80070002 windows server 2008 r2

Delete a specific route entry from the routing table.

9. Nmcli Command

Nmcli is an easy-to-use, scriptable command-line tool to report network status, manage network connections, and control the NetworkManager.

To view all your network devices, type.

To check network connections on your system, type.

To see only the active connections, add the -a flag.

Network Scanning and Performance Analysis Tools

10. Netstat Command

netstat is a command-line tool that displays useful information such as network connections, routing tables, interface statistics, and much more, concerning the Linux networking subsystem. It is useful for network troubleshooting and performance analysis.

Additionally, it is also a fundamental network service debugging tool used to check which programs are listening on what ports. For instance, the following command will show all TCP ports in listening mode and what programs are listening on them.

To view the kernel routing table, use the -r flag (which is equivalent to running the route command above).

Note: Although Netstat is a great tool, it is now obsolete (deprecated), its replacement is the ss command which is explained below.

11. ss Command

ss (socket statistics) is a powerful command-line utility to investigate sockets. It dumps socket statistics and displays information similar to netstat. In addition, it shows more TCP and state information compared to other similar utilities.

The following example shows how to list all TCP ports (sockets) that are open on a server.

To display all active TCP connections together with their timers, run the following command.

12. NC Command

NC (NetCat) also referred to as the “Network Swiss Army knife”, is a powerful utility used for almost any task related to TCP, UDP, or UNIX-domain sockets. It is used to open TCP connections, listen on arbitrary TCP and UDP ports, perform port scanning plus more.

You can also use it as a simple TCP proxy, for network daemon testing, to check if remote ports are reachable, and much more. Furthermore, you can employ nc together with pv command to transfer files between two computers.

The following example will show how to scan a list of ports.

You can also specify a range of ports as shown.

The following example shows how to use nc to open a TCP connection to port 5000 on server2.tecmint.lan, using port 3000 as the source port, with a timeout of 10 seconds.

13. Nmap Command

Nmap (Network Mapper) is a powerful and extremely versatile tool for Linux system/network administrators. It is used to gather information about a single host or explores networks an entire network. Nmap is also used to perform security scans, network audits and finding open ports on remote hosts and so much more.

You can scan a host using its hostname or IP address, for instance.

Alternatively, use an IP address as shown.

Read our following useful articles on the nmap command.

DNS Lookup Utilities

14. host Command

host command is a simple utility for carrying out DNS lookups, it translates hostnames to IP addresses and vice versa.

15. dig Command

dig (domain information groper) is also another simple DNS lookup utility, that is used to query DNS related information such as A Record, CNAME, MX Record etc, for example:

16. NSLookup Command

Nslookup is also a popular command-line utility to query DNS servers both interactively and non-interactively. It is used to query DNS resource records (RR). You can find out the “A” record (IP address) of a domain as shown.

You can also perform a reverse domain lookup as shown.

Linux Network Packet Analyzers

17. Tcpdump Command

Tcpdump is a very powerful and widely used command-line network sniffer. It is used to capture and analyze TCP/IP packets transmitted or received over a network on a specific interface.

To capture packets from a given interface, specify it using the -i option.

To capture a specific number of packets, use the -c option to enter the desired number.

You can also capture and save packets to a file for later analysis, use the -w flag to specify the output file.

18. Wireshark Utility

Wireshark is a popular, powerful, versatile, and easy-to-use tool for capturing and analyzing packets in a packet-switched network, in real-time.

You can also save data it has captured to a file for later inspection. It is used by system administrators and network engineers to monitor and inspect the packets for security and troubleshooting purposes.

Monitor Local Network Traffic

19. Bmon Tool

bmon is a powerful, command line-based network monitoring and debugging utility for Unix-like systems, it captures networking-related statistics and prints them visually in a human-friendly format. It is a reliable and effective real-time bandwidth monitor and rate estimator.

bmon – Linux Network Bandwidth Monitoring

Linux Firewall Management Tools

20. Iptables Firewall

iptables is a command-line tool for configuring, maintaining, and inspecting the tables IP packet filtering and NAT ruleset. It is used to set up and manage the Linux firewall (Netfilter). It allows you to list existing packet filter rules; add or delete or modify packet filter rules; list per-rule counters of the packet filter rules.

You can learn how to use Iptables for various purposes from our simple yet comprehensive guides.

21. Firewalld

Firewalld is a powerful and dynamic daemon to manage the Linux firewall (Netfilter), just like iptables. It uses “networks zones” instead of INPUT, OUTPUT, and FORWARD CHAINS in iptables. On current Linux distributions such as RHEL/CentOS 7 and Fedora 21+, iptables is actively being replaced by firewalld.

To get started with firewalld, consult these guides listed below:

Important: Iptables is still supported and can be installed with the YUM package manager. However, you can’t use Firewalld and iptables at the same time on the same server – you must choose one.

22. UFW (Uncomplicated Firewall)

UFW is a well-known and default firewall configuration tool on Debian and Ubuntu Linux distributions. It is used to enable/disable system firewall, add/delete/modify/reset packet filtering rules, and much more.

To check UFW firewall status, type.

If the UFW firewall is not active, you can activate or enable it using the following command.

To disable the UFW firewall, use the following command.

If you want to find more information about a particular program, you can consult its man pages as shown.

That’s all for now! In this comprehensive guide, we reviewed some of the most used command-line tools and utilities for network management in Linux, under different categories, for system administrators, and equally useful to full-time network administrators/engineers.

You can share your thoughts about this guide via the comment form below. If we have missed any frequently used and important Linux networking tools/utilities or any useful related information, also let us know.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

We are thankful for your never ending support.

Источник

net — Unix, Linux Command

SYNOPSIS

DESCRIPTION

This tool is part of the samba(7) suite.

The Samba net utility is meant to work just like the net utility available for windows and DOS. The first argument should be used to specify the protocol to use when executing a certain command. ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3) clients and RPC can be used for NT4 and Windows 2000. If this argument is omitted, net will try to determine it automatically. Not all commands are available on all protocols.

Читайте также:  Alt linux сервер времени

OPTIONS

-h|—help Print a summary of command line options.

-w target-workgroup Sets target workgroup or domain. You have to specify either this option or the IP address or the name of a server.

-W workgroup Sets client workgroup or domain

-U user User name to use

-I ip-address IP address of target server to use. You have to specify either this option or a target workgroup or a target server.

-p port Port on the target server to connect to (usually 139 or 445). Defaults to trying 445 first, then 139.

This option allows you to override the NetBIOS name that Samba uses for itself. This is identical to setting the netbios name parameter in the smb.conf file. However, a command line setting will take precedence over settings in smb.conf.

-s The file specified contains the configuration details required by the server. The information in this file includes server-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide. See smb.conf for more information. The default configuration file name is determined at compile time.

-S server Name of target server. You should specify either this option or a target workgroup or a target IP address.

-l When listing data, give more information on each item.

-P Make queries to the external server using the machine account of the local server.

-d|—debuglevel=level level is an integer from 0 to 10. The default value if this parameter is not specified is 0.

The higher this value, the more detail will be logged to the log files about the activities of the server. At level 0, only critical errors and serious warnings will be logged. Level 1 is a reasonable level for day-to-day running — it generates a small amount of information about operations carried out.

Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.

Note that specifying this parameter here will override the log level parameter in the smb.conf file.

COMMANDS

CHANGESECRETPW

This command allows the Samba machine account password to be set from an external application to a machine account password that has already been stored in Active Directory. DO NOT USE this command unless you know exactly what you are doing. The use of this command requires that the force flag (-f) be used also. There will be NO command prompt. Whatever information is piped into stdin, either by typing at the command line or otherwise, will be stored as the literal machine password. Do NOT use this without care and attention as it will overwrite a legitimate machine password without warning. YOU HAVE BEEN WARNED.

The NET TIME command allows you to view the time on a remote server or synchronise the time on the local server with the time on the remote server.

Without any options, the NET TIME command displays the time on the remote server.

TIME SYSTEM

Displays the time on the remote server in a format ready for /bin/date.

TIME SET

Tries to set the date and time of the local server to that on the remote server using /bin/date.

TIME ZONE

Displays the timezone in hours from GMT on the remote computer.

[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]

Join a domain. If the account already exists on the server, and [TYPE] is MEMBER, the machine will attempt to join automatically. (Assuming that the machine has been created in server manager) Otherwise, a password will be prompted for, and a new account may be created.

[TYPE] may be PDC, BDC or MEMBER to specify the type of server joining the domain.

[UPN] (ADS only) set the principalname attribute during the join. The default format is host/netbiosname@REALM.

[OU] (ADS only) Precreate the computer account in a specific OU. The OU string reads from top to bottom without RDNs, and is delimited by a ‘/’. Please note that ‘\’ is used for escape by both the shell and ldap, so it may need to be doubled or quadrupled to pass through, and it is not used as a delimiter.

[RPC] OLDJOIN [options]

Join a domain. Use the OLDJOIN option to join the domain using the old style of domain joining — you need to create a trust account in server manager first.

[RPC|ADS] USER

[RPC|ADS] USER

[RPC|ADS] USER DELETE target

Delete specified user

[RPC|ADS] USER INFO target

List the domain groups of the specified user.

[RPC|ADS] USER RENAME oldname newname

Rename specified user.

[RPC|ADS] USER ADD name [password] [-F user flags] [-C comment]

Add specified user.

[RPC|ADS] GROUP

[RPC|ADS] GROUP [misc options] [targets]

List user groups.

[RPC|ADS] GROUP DELETE name [misc. options]

Delete specified group.

[RPC|ADS] GROUP ADD name [-C comment]

Create specified group.

[RAP|RPC] SHARE

[RAP|RPC] SHARE [misc. options] [targets]

Enumerates all exported resources (network shares) on target server.

[RAP|RPC] SHARE ADD name=serverpath [-C comment] [-M maxusers] [targets]

Adds a share from a server (makes the export active). Maxusers specifies the number of users that can be connected to the share simultaneously.

SHARE DELETE sharename

Delete specified share.

[RPC|RAP] FILE

[RPC|RAP] FILE

List all open files on remote server.

[RPC|RAP] FILE CLOSE fileid

Close file with specified fileid on remote server.

[RPC|RAP] FILE INFO fileid

Print information on specified fileid. Currently listed are: file-id, username, locks, path, permissions.

[RAP|RPC] FILE USER user

List files opened by specified user. Please note that net rap file user does not work against Samba servers.

SESSION

RAP SESSION

Without any other options, SESSION enumerates all active SMB/CIFS sessions on the target server.

RAP SESSION DELETE|CLOSE CLIENT_NAME

Close the specified sessions.

RAP SESSION INFO CLIENT_NAME

Give a list with all the open files in specified session.

RAP SERVER DOMAIN

List all servers in specified domain or workgroup. Defaults to local domain.

RAP DOMAIN

Lists all domains and workgroups visible on the current network.

RAP PRINTQ

RAP PRINTQ LIST QUEUE_NAME

Lists the specified print queue and print jobs on the server. If the QUEUE_NAME is omitted, all queues are listed.

RAP PRINTQ DELETE JOBID

Delete job with specified id.

RAP VALIDATE user [password]

Validate whether the specified user can log in to the remote server. If the password is not specified on the commandline, it will be prompted.

Currently NOT implemented.

RAP GROUPMEMBER

RAP GROUPMEMBER LIST GROUP

List all members of the specified group.

RAP GROUPMEMBER DELETE GROUP USER

Delete member from group.

RAP GROUPMEMBER ADD GROUP USER

Add member to group.

RAP ADMIN command

Execute the specified command on the remote server. Only works with OS/2 servers.

Currently NOT implemented.

RAP SERVICE

RAP SERVICE START NAME [arguments. ]

Start the specified service on the remote server. Not implemented yet.

Currently NOT implemented.

RAP SERVICE STOP

Stop the specified service on the remote server.

Читайте также:  Барабан для принтера hp 177fw

Currently NOT implemented.

RAP PASSWORD USER OLDPASS NEWPASS

Change password of USER from OLDPASS to NEWPASS.

LOOKUP

LOOKUP HOST HOSTNAME [TYPE]

Lookup the IP address of the given host with the specified type (netbios suffix). The type defaults to 0x20 (workstation).

LOOKUP LDAP [DOMAIN]

Give IP address of LDAP server of specified DOMAIN. Defaults to local domain.

LOOKUP KDC [REALM]

Give IP address of KDC for the specified REALM. Defaults to local realm.

LOOKUP DC [DOMAIN]

Give IP’s of Domain Controllers for specified DOMAIN. Defaults to local domain.

LOOKUP MASTER DOMAIN

Give IP of master browser for specified DOMAIN or workgroup. Defaults to local domain.

CACHE

Samba uses a general caching interface called ‘gencache’. It can be controlled using ‘NET CACHE’.

All the timeout parameters support the suffixes:

Tag Description
s — Seconds
m — Minutes
h — Hours
d — Days
w — Weeks

CACHE ADD key data time-out

Add specified key+data to the cache with the given timeout.

CACHE DEL key

Delete key from the cache.

CACHE SET key data time-out

Update data of existing cache entry.

CACHE SEARCH PATTERN

Search for the specified pattern in the cache data.

CACHE LIST

List all current items in the cache.

CACHE FLUSH

Remove all the current items from the cache.

GETLOCALSID [DOMAIN]

Prints the SID of the specified domain, or if the parameter is omitted, the SID of the local server.

SETLOCALSID S-1-5-21-x-y-z

Sets SID for the local server to the specified SID.

GETDOMAINSID

Prints the local machine SID and the SID of the current domain.

SETDOMAINSID

Sets the SID of the current domain.

GROUPMAP

Manage the mappings between Windows group SIDs and UNIX groups. Common options include:

Tag Description
o unixgroup — Name of the UNIX group
Tag Description
o ntgroup — Name of the Windows NT group (must be resolvable to a SID
Tag Description
o rid — Unsigned 32-bit integer
Tag Description
o sid — Full SID in the form of «S-1-. «
Tag Description
o type — Type of the group; either ‘domain’, ‘local’, or ‘builtin’
Tag Description
o comment — Freeform text description of the group

GROUPMAP ADD

Add a new group mapping entry:

GROUPMAP DELETE

Delete a group mapping entry. If more than one group name matches, the first entry found is deleted.

net groupmap delete

GROUPMAP MODIFY

Update en existing group entry.

GROUPMAP LIST

List existing group mapping entries.

net groupmap list [verbose] [ntgroup=string] [sid=SID]

MAXRID

Prints out the highest RID currently in use on the local server (by the active ‘passdb backend’).

RPC INFO

Print information about the domain of the remote server, such as domain name, domain sid and number of users and groups.

[RPC|ADS] TESTJOIN

Check whether participation in a domain is still valid.

[RPC|ADS] CHANGETRUSTPW

Force change of domain trust password.

RPC TRUSTDOM

RPC TRUSTDOM ADD DOMAIN

Add a interdomain trust account for DOMAIN. This is in fact a Samba account named DOMAIN$ with the account flag ‘I’ (interdomain trust account). If the command is used against localhost it has the same effect as smbpasswd -a -i DOMAIN. Please note that both commands expect a appropriate UNIX account.

RPC TRUSTDOM DEL DOMAIN

Remove interdomain trust account for DOMAIN. If it is used against localhost it has the same effect as smbpasswd -x DOMAIN$.

RPC TRUSTDOM ESTABLISH DOMAIN

Establish a trust relationship to a trusting domain. Interdomain account must already be created on the remote PDC.

RPC TRUSTDOM REVOKE DOMAIN

Abandon relationship to trusted domain

RPC TRUSTDOM LIST

List all current interdomain trust relationships.

RPC RIGHTS

This subcommand is used to view and manage Samba’s rights assignments (also referred to as privileges). There are three options currently available: list, grant, and revoke. More details on Samba’s privilege model and its use can be found in the Samba-HOWTO-Collection.

RPC ABORTSHUTDOWN

Abort the shutdown of a remote server.

RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]

Shut down the remote server.

-r Reboot after shutdown.

-f Force shutting down all applications.

-t timeout Timeout before system will be shut down. An interactive user of the system can use this time to cancel the shutdown. ‘>

-C message Display the specified message on the screen to announce the shutdown.

RPC SAMDUMP

Print out sam database of remote server. You need to run this against the PDC, from a Samba machine joined as a BDC.

RPC VAMPIRE

Export users, aliases and groups from remote server to local server. You need to run this against the PDC, from a Samba machine joined as a BDC.

RPC GETSID

Fetch domain SID and store it in the local secrets.tdb.

ADS LEAVE

Make the remote host leave the domain it is part of.

ADS STATUS

Print out status of machine account of the local machine in ADS. Prints out quite some debug info. Aimed at developers, regular users should use NET ADS TESTJOIN.

ADS PRINTER

ADS PRINTER INFO [PRINTER] [SERVER]

Lookup info for PRINTER on SERVER. The printer name defaults to «*», the server name defaults to the local host.

ADS PRINTER PUBLISH PRINTER

Publish specified printer using ADS.

ADS PRINTER REMOVE PRINTER

Remove specified printer from ADS directory.

ADS SEARCH EXPRESSION ATTRIBUTES.

Perform a raw LDAP search on a ADS server and dump the results. The expression is a standard LDAP search expression, and the attributes are a list of LDAP fields to show in the results.

Example: net ads search ‘(objectCategory=group)’ sAMAccountName

ADS DN DN (attributes)

Perform a raw LDAP search on a ADS server and dump the results. The DN standard LDAP DN, and the attributes are a list of LDAP fields to show in the result.

Example: net ads dn ‘CN=administrator,CN=Users,DC=my,DC=domain’ SAMAccountName

ADS WORKGROUP

Print out workgroup name for specified kerberos realm.

SAM CREATEBUILTINGROUP

(Re)Create a BUILTIN group. Only a wellknown set of BUILTIN groups can be created with this command. This is the list of currently recognized group names: Administrators, Users, Guests, Power Users, Account Operators, Server Operators, Print Operators, Backup Operators, Replicator, RAS Servers, Pre-Windows 2000 compatible Access. This command requires a running Winbindd with idmap allocation properly configured. The group gid will be allocated out of the winbindd range.

SAM CREATELOCALGROUP

Create a LOCAL group (also known as Alias). This command requires a running Winbindd with idmap allocation properly configured. The group gid will be allocated out of the winbindd range.

SAM DELETELOCALGROUP

Delete an existing LOCAL group (also known as Alias).

SAM MAPUNIXGROUP

Map an existing Unix group and make it a Domain Group, the domain group will have the same name.

SAM UNMAPUNIXGROUP

Remove an existing group mapping entry.

SAM ADDMEM

Add a member to a Local group. The group can be specified only by name, the member can be specified by name or SID.

SAM DELMEM

Remove a member from a Local group. The group and the member must be specified by name.

SAM LISTMEM

List Local group members. The group must be specified by name.

SAM LIST [verbose]

List the specified set of accounts by name. If verbose is specified, the rid and description is also provided for each account.

SAM SHOW

Show the full DOMAIN\\NAME the SID and the type for the corresponding account.

SAM SET HOMEDIR

Set the home directory for a user account.

SAM SET PROFILEPATH

Set the profile path for a user account.

SAM SET COMMENT

Set the comment for a user or group account.

Источник

Поделиться с друзьями
КомпСовет
© 2022 КомпСовет Внимание! Информация, опубликованная на сайте, носит исключительно ознакомительный характер и не является рекомендацией к применению.
Adblock
detector