--- /dev/null
+.\"Generated by db2man.xsl. Don't modify this, modify the source.
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "NET" 8 "" "" ""
+.SH NAME
+net \- Tool for administration of Samba and remote CIFS servers.
+.SH "SYNOPSIS"
+.ad l
+.hy 0
+.HP 4
+\fBnet\fR {<ads|rap|rpc>} [\-h] [\-w\ workgroup] [\-W\ myworkgroup] [\-U\ user] [\-I\ ip\-address] [\-p\ port] [\-n\ myname] [\-s\ conffile] [\-S\ server] [\-l] [\-P] [\-d\ debuglevel] [\-V]
+.ad
+.hy
+
+.SH "DESCRIPTION"
+
+.PP
+This tool is part of the \fBsamba\fR(7) suite\&.
+
+.PP
+The samba net utility is meant to work just like the net utility available for windows and DOS\&. The first argument should be used to specify the protocol to use when executing a certain command\&. ADS is used for ActiveDirectory, RAP is using for old (Win9x/NT3) clients and RPC can be used for NT4 and Windows 2000\&. If this argument is omitted, net will try to determine it automatically\&. Not all commands are available on all protocols\&.
+
+.SH "OPTIONS"
+
+.TP
+\-h|\-\-help
+Print a summary of command line options\&.
+
+.TP
+\-w target\-workgroup
+Sets target workgroup or domain\&. You have to specify either this option or the IP address or the name of a server\&.
+
+.TP
+\-W workgroup
+Sets client workgroup or domain
+
+.TP
+\-U user
+User name to use
+
+.TP
+\-I ip\-address
+IP address of target server to use\&. You have to specify either this option or a target workgroup or a target server\&.
+
+.TP
+\-p port
+Port on the target server to connect to (usually 139 or 445)\&. Defaults to trying 445 first, then 139\&.
+
+.TP
+\-n <primary NetBIOS name>
+This option allows you to override the NetBIOS name that Samba uses for itself\&. This is identical to setting the parameter in the \fIsmb\&.conf\fR file\&. However, a command line setting will take precedence over settings in \fIsmb\&.conf\fR\&.
+
+.TP
+\-s <configuration file>
+The file specified contains the configuration details required by the server\&. The information in this file includes server\-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See \fIsmb\&.conf\fR for more information\&. The default configuration file name is determined at compile time\&.
+
+.TP
+\-S server
+Name of target server\&. You should specify either this option or a target workgroup or a target IP address\&.
+
+.TP
+\-l
+When listing data, give more information on each item\&.
+
+.TP
+\-P
+Make queries to the external server using the machine account of the local server\&.
+
+.TP
+\-d|\-\-debuglevel=level
+\fIlevel\fR is an integer from 0 to 10\&. The default value if this parameter is not specified is zero\&.
+
+The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day\-to\-day running \- it generates a small amount of information about operations carried out\&.
+
+Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&.
+
+Note that specifying this parameter here will override the parameter in the \fIsmb\&.conf\fR file\&.
+
+.SH "COMMANDS"
+
+.SS "CHANGESECRETPW"
+
+.PP
+This command allows the Samba machine account password to be set from an external application to a machine account password that has already been stored in Active Directory\&. DO NOT USE this command unless you know exactly what you are doing\&. The use of this command requires that the force flag (\-f) be used also\&. There will be NO command prompt\&. Whatever information is piped into stdin, either by typing at the command line or otherwise, will be stored as the literal machine password\&. Do NOT use this without care and attention as it will overwrite a legitimate machine password without warning\&. YOU HAVE BEEN WARNED\&.
+
+.SS "TIME"
+
+.PP
+The \fBNET TIME\fR command allows you to view the time on a remote server or synchronise the time on the local server with the time on the remote server\&.
+
+.SS "TIME"
+
+.PP
+Without any options, the \fBNET TIME\fR command displays the time on the remote server\&.
+
+.SS "TIME SYSTEM"
+
+.PP
+Displays the time on the remote server in a format ready for \fB/bin/date\fR
+
+.SS "TIME SET"
+
+.PP
+Tries to set the date and time of the local server to that on the remote server using \fB/bin/date\fR\&.
+
+.SS "TIME ZONE"
+
+.PP
+Displays the timezone in hours from GMT on the remote computer\&.
+
+.SS "[RPC|ADS] JOIN [TYPE] [-U username[%password]] [options]"
+
+.PP
+Join a domain\&. If the account already exists on the server, and [TYPE] is MEMBER, the machine will attempt to join automatically\&. (Assuming that the machine has been created in server manager) Otherwise, a password will be prompted for, and a new account may be created\&.
+
+.PP
+[TYPE] may be PDC, BDC or MEMBER to specify the type of server joining the domain\&.
+
+.SS "[RPC] OLDJOIN [options]"
+
+.PP
+Join a domain\&. Use the OLDJOIN option to join the domain using the old style of domain joining \- you need to create a trust account in server manager first\&.
+
+.SS "[RPC|ADS] USER"
+
+.SS "[RPC|ADS] USER"
+
+.PP
+List all users
+
+.SS "[RPC|ADS] USER DELETE target"
+
+.PP
+Delete specified user
+
+.SS "[RPC|ADS] USER INFO target"
+
+.PP
+List the domain groups of a the specified user\&.
+
+.SS "[RPC|ADS] USER RENAME oldname newname"
+
+.PP
+Rename specified user\&.
+
+.SS "[RPC|ADS] USER ADD name [password] [-F user flags] [-C comment]"
+
+.PP
+Add specified user\&.
+
+.SS "[RPC|ADS] GROUP"
+
+.SS "[RPC|ADS] GROUP [misc options] [targets]"
+
+.PP
+List user groups\&.
+
+.SS "[RPC|ADS] GROUP DELETE name [misc. options]"
+
+.PP
+Delete specified group\&.
+
+.SS "[RPC|ADS] GROUP ADD name [-C comment]"
+
+.PP
+Create specified group\&.
+
+.SS "[RAP|RPC] SHARE"
+
+.SS "[RAP|RPC] SHARE [misc. options] [targets]"
+
+.PP
+Enumerates all exported resources (network shares) on target server\&.
+
+.SS "[RAP|RPC] SHARE ADD name=serverpath [-C comment] [-M maxusers] [targets]"
+
+.PP
+Adds a share from a server (makes the export active)\&. Maxusers specifies the number of users that can be connected to the share simultaneously\&.
+
+.SS "SHARE DELETE sharenam"
+
+.PP
+Delete specified share\&.
+
+.SS "[RPC|RAP] FILE"
+
+.SS "[RPC|RAP] FILE"
+
+.PP
+List all open files on remote server\&.
+
+.SS "[RPC|RAP] FILE CLOSE fileid"
+
+.PP
+Close file with specified \fIfileid\fR on remote server\&.
+
+.SS "[RPC|RAP] FILE INFO fileid"
+
+.PP
+Print information on specified \fIfileid\fR\&. Currently listed are: file\-id, username, locks, path, permissions\&.
+
+.SS "[RAP|RPC] FILE USER"
+
+.RS
+.Sh "Note"
+
+.PP
+Currently NOT implemented\&.
+
+.RE
+
+.SS "SESSION"
+
+.SS "RAP SESSION"
+
+.PP
+Without any other options, SESSION enumerates all active SMB/CIFS sessions on the target server\&.
+
+.SS "RAP SESSION DELETE|CLOSE CLIENT_NAME"
+
+.PP
+Close the specified sessions\&.
+
+.SS "RAP SESSION INFO CLIENT_NAME"
+
+.PP
+Give a list with all the open files in specified session\&.
+
+.SS "RAP SERVER DOMAIN"
+
+.PP
+List all servers in specified domain or workgroup\&. Defaults to local domain\&.
+
+.SS "RAP DOMAIN"
+
+.PP
+Lists all domains and workgroups visible on the current network\&.
+
+.SS "RAP PRINTQ"
+
+.SS "RAP PRINTQ LIST QUEUE_NAME"
+
+.PP
+Lists the specified print queue and print jobs on the server\&. If the \fIQUEUE_NAME\fR is omitted, all queues are listed\&.
+
+.SS "RAP PRINTQ DELETE JOBID"
+
+.PP
+Delete job with specified id\&.
+
+.SS "RAP VALIDATE user [password]"
+
+.PP
+Validate whether the specified user can log in to the remote server\&. If the password is not specified on the commandline, it will be prompted\&.
+
+.RS
+.Sh "Note"
+
+.PP
+Currently NOT implemented\&.
+
+.RE
+
+.SS "RAP GROUPMEMBER"
+
+.SS "RAP GROUPMEMBER LIST GROUP"
+
+.PP
+List all members of the specified group\&.
+
+.SS "RAP GROUPMEMBER DELETE GROUP USER"
+
+.PP
+Delete member from group\&.
+
+.SS "RAP GROUPMEMBER ADD GROUP USER"
+
+.PP
+Add member to group\&.
+
+.SS "RAP ADMIN command"
+
+.PP
+Execute the specified \fIcommand\fR on the remote server\&. Only works with OS/2 servers\&.
+
+.RS
+.Sh "Note"
+
+.PP
+Currently NOT implemented\&.
+
+.RE
+
+.SS "RAP SERVICE"
+
+.SS "RAP SERVICE START NAME [arguments...]"
+
+.PP
+Start the specified service on the remote server\&. Not implemented yet\&.
+
+.RS
+.Sh "Note"
+
+.PP
+Currently NOT implemented\&.
+
+.RE
+
+.SS "RAP SERVICE STOP"
+
+.PP
+Stop the specified service on the remote server\&.
+
+.RS
+.Sh "Note"
+
+.PP
+Currently NOT implemented\&.
+
+.RE
+
+.SS "RAP PASSWORD USER OLDPASS NEWPASS"
+
+.PP
+Change password of \fIUSER\fR from \fIOLDPASS\fR to \fINEWPASS\fR\&.
+
+.SS "LOOKUP"
+
+.SS "LOOKUP HOST HOSTNAME [TYPE]"
+
+.PP
+Lookup the IP address of the given host with the specified type (netbios suffix)\&. The type defaults to 0x20 (workstation)\&.
+
+.SS "LOOKUP LDAP [DOMAIN"
+
+.PP
+Give IP address of LDAP server of specified \fIDOMAIN\fR\&. Defaults to local domain\&.
+
+.SS "LOOKUP KDC [REALM]"
+
+.PP
+Give IP address of KDC for the specified \fIREALM\fR\&. Defaults to local realm\&.
+
+.SS "LOOKUP DC [DOMAIN]"
+
+.PP
+Give IP's of Domain Controllers for specified \fI DOMAIN\fR\&. Defaults to local domain\&.
+
+.SS "LOOKUP MASTER DOMAIN"
+
+.PP
+Give IP of master browser for specified \fIDOMAIN\fR or workgroup\&. Defaults to local domain\&.
+
+.SS "CACHE"
+
+.PP
+Samba uses a general caching interface called 'gencache'\&. It can be controlled using 'NET CACHE'\&.
+
+.PP
+All the timeout parameters support the suffixes:
+s \- Secondsm \- Minutesh \- Hoursd \- Daysw \- Weeks
+
+.SS "CACHE ADD key data time-out"
+
+.PP
+Add specified key+data to the cache with the given timeout\&.
+
+.SS "CACHE DEL key"
+
+.PP
+Delete key from the cache\&.
+
+.SS "CACHE SET key data time-out"
+
+.PP
+Update data of existing cache entry\&.
+
+.SS "CACHE SEARCH PATTERN"
+
+.PP
+Search for the specified pattern in the cache data\&.
+
+.SS "CACHE LIST"
+
+.PP
+List all current items in the cache\&.
+
+.SS "CACHE FLUSH"
+
+.PP
+Remove all the current items from the cache\&.
+
+.SS "GETLOCALSID [DOMAIN]"
+
+.PP
+Print the SID of the specified domain, or if the parameter is omitted, the SID of the domain the local server is in\&.
+
+.SS "SETLOCALSID S-1-5-21-x-y-z"
+
+.PP
+Sets domain sid for the local server to the specified SID\&.
+
+.SS "GROUPMAP"
+
+.PP
+Manage the mappings between Windows group SIDs and UNIX groups\&. Parameters take the for "parameter=value"\&. Common options include:
+
+.TP 3
+\(bu
+unixgroup \- Name of the UNIX group
+.TP
+\(bu
+ntgroup \- Name of the Windows NT group (must be resolvable to a SID
+.TP
+\(bu
+rid \- Unsigned 32\-bit integer
+.TP
+\(bu
+sid \- Full SID in the form of "S\-1\-\&.\&.\&."
+.TP
+\(bu
+type \- Type of the group; either 'domain', 'local', or 'builtin'
+.TP
+\(bu
+comment \- Freeform text description of the group
+.LP
+
+.SS "GROUPMAP ADD"
+
+.PP
+Add a new group mapping entry:
+.nf
+
+net groupmap add {rid=int|sid=string} unixgroup=string \\
+ [type={domain|local}] [ntgroup=string] [comment=string]
+.fi
+
+
+.SS "GROUPMAP DELETE"
+
+.PP
+Delete a group mapping entry\&. If more then one group name matches, the first entry found is deleted\&.
+
+.PP
+net groupmap delete {ntgroup=string|sid=SID}
+
+.SS "GROUPMAP MODIFY"
+
+.PP
+Update en existing group entry
+
+.PP
+
+.nf
+
+net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \\
+ [comment=string] [type={domain|local}]
+.fi
+
+
+.SS "GROUPMAP LIST"
+
+.PP
+List existing group mapping entries
+
+.PP
+net groupmap list [verbose] [ntgroup=string] [sid=SID]
+
+.SS "MAXRID"
+
+.PP
+Prints out the highest RID currently in use on the local server (by the active 'passdb backend')\&.
+
+.SS "RPC INFO"
+
+.PP
+Print information about the domain of the remote server, such as domain name, domain sid and number of users and groups\&.
+
+.SS "[RPC|ADS] TESTJOIN"
+
+.PP
+Check whether participation in a domain is still valid\&.
+
+.SS "[RPC|ADS] CHANGETRUSTPW"
+
+.PP
+Force change of domain trust password\&.
+
+.SS "RPC TRUSTDOM"
+
+.SS "RPC TRUSTDOM ADD DOMAIN"
+
+.PP
+Add a interdomain trust account for \fIDOMAIN\fR to the remote server\&.
+
+.SS "RPC TRUSTDOM DEL DOMAIM"
+
+.PP
+Remove interdomain trust account for \fIDOMAIN\fR from the remote server\&.
+
+.RS
+.Sh "Note"
+
+.PP
+Currently NOT implemented\&.
+
+.RE
+
+.SS "RPC TRUSTDOM ESTABLISH DOMAIN"
+
+.PP
+Establish a trust relationship to a trusting domain\&. Interdomain account must already be created on the remote PDC\&.
+
+.SS "RPC TRUSTDOM REVOKE DOMAIN"
+
+.PP
+Abandon relationship to trusted domain
+
+.SS "RPC TRUSTDOM LIST"
+
+.PP
+List all current interdomain trust relationships\&.
+
+.SS "RPC RIGHTS"
+
+.PP
+This subcommand is used to view and manage Samba's rights assignments (also referred to as privileges)\&. There are three options current available: \fIlist\fR, \fIgrant\fR, and \fIrevoke\fR\&. More details on Samba's privilege model and its use can be found in the Samba\-HOWTO\-Collection\&.
+
+.SS "RPC ABORTSHUTDOWN"
+
+.PP
+Abort the shutdown of a remote server\&.
+
+.SS "SHUTDOWN [-t timeout] [-r] [-f] [-C message]"
+
+.PP
+Shut down the remote server\&.
+
+.TP
+\-r
+Reboot after shutdown\&.
+
+.TP
+\-f
+Force shutting down all applications\&.
+
+.TP
+\-t timeout
+Timeout before system will be shut down\&. An interactive user of the system can use this time to cancel the shutdown\&.
+
+.TP
+\-C message
+Display the specified message on the screen to announce the shutdown\&.
+
+.SS "SAMDUMP"
+
+.PP
+Print out sam database of remote server\&. You need to run this on either a BDC\&.
+
+.SS "VAMPIRE"
+
+.PP
+Export users, aliases and groups from remote server to local server\&. Can only be run an a BDC\&.
+
+.SS "GETSID"
+
+.PP
+Fetch domain SID and store it in the local \fIsecrets\&.tdb\fR\&.
+
+.SS "ADS LEAVE"
+
+.PP
+Make the remote host leave the domain it is part of\&.
+
+.SS "ADS STATUS"
+
+.PP
+Print out status of machine account of the local machine in ADS\&. Prints out quite some debug info\&. Aimed at developers, regular users should use \fBNET ADS TESTJOIN\fR\&.
+
+.SS "ADS PRINTER"
+
+.SS "ADS PRINTER INFO [PRINTER] [SERVER]"
+
+.PP
+Lookup info for \fIPRINTER\fR on \fISERVER\fR\&. The printer name defaults to "*", the server name defaults to the local host\&.
+
+.SS "ADS PRINTER PUBLISH PRINTER"
+
+.PP
+Publish specified printer using ADS\&.
+
+.SS "ADS PRINTER REMOVE PRINTER"
+
+.PP
+Remove specified printer from ADS directory\&.
+
+.SS "ADS SEARCH EXPRESSION ATTRIBUTES..."
+
+.PP
+Perform a raw LDAP search on a ADS server and dump the results\&. The expression is a standard LDAP search expression, and the attributes are a list of LDAP fields to show in the results\&.
+
+.PP
+Example: \fBnet ads search '(objectCategory=group)' sAMAccountName\fR
+
+.SS "ADS DN DN (attributes)"
+
+.PP
+Perform a raw LDAP search on a ADS server and dump the results\&. The DN standard LDAP DN, and the attributes are a list of LDAP fields to show in the result\&.
+
+.PP
+Example: \fBnet ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName\fR
+
+.SS "WORKGROUP"
+
+.PP
+Print out workgroup name for specified kerberos realm\&.
+
+.SS "HELP [COMMAND]"
+
+.PP
+Gives usage information for the specified command\&.
+
+.SH "VERSION"
+
+.PP
+This man page is complete for version 3\&.0 of the Samba suite\&.
+
+.SH "AUTHOR"
+
+.PP
+The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.
+
+.PP
+The net manpage was written by Jelmer Vernooij\&.
+
projects / samba / blobdiff