Samba-tool-external: Difference between revisions
From SambaWiki
mNo edit summary |
mNo edit summary |
||
Line 28: | Line 28: | ||
</tr> |
</tr> |
||
<tr> |
<tr> |
||
<td>acl</td> |
<td rowspan="3">acl</td> |
||
<td>get or set acls on a file</td> |
<td rowspan="3">get or set acls on a file</td> |
||
<td>get |
<td>get nt</td> |
||
<td> |
<td><file></td> |
||
<td>general options</td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>set nt</td> |
|||
<td><file></td> |
|||
<td>general options</td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>set ds</td> |
|||
<td><file></td> |
|||
<td>general options</td> |
<td>general options</td> |
||
<td></td> |
<td></td> |
||
Line 173: | Line 185: | ||
<tr> |
<tr> |
||
<td>vampire</td> |
<td>vampire</td> |
||
<td>Join and synchronise a remote AD domain to the local server |
<td>Join and synchronise a remote AD domain to the local server<br>(server connection needed)</td> |
||
<td></td> |
<td></td> |
||
<td>domain</td> |
<td>domain</td> |
Revision as of 16:31, 28 April 2011
samba-tool
This wiki page will document the current externals of the samba-tool command with proposed changes to be made for consistency and usability.
The proposed format for all new / existing functions on the samba-tool command are as follows:
samba-tool <object> <action> <command specific options> <general options>
- When the samba-tool command is issued without a subcommand, it will return a list of valid subcommands (it does this today)
- After each subcommand is entered, if more parameters are required a list of what comes next will be shown (sometimes does this today)
- If the command syntax is completely incorrect, will give the format of the subcommand (sometimes does this today)
- For each subcommand, help will be provided
- Error handling will be improved, more errors will be caught with useable messages being issued where applicable
Current commands listed in __init__.py in samba 4 Version 4.0.0alpha15-GIT-b12fbc2
samba-tool current commands:
Subcommand | Description | Parameters | Command specific options | General options | Comments |
acl | get or set acls on a file | get nt | <file> | general options | |
set nt | <file> | general options | |||
set ds | <file> | general options | |||
domainlevel | Raises domain and forest function level | show or raise | add options | ||
drs | various directory replication services | bind, kcc, replicate, showrepl, options | add options | ||
enableaccount | enable a user | username | Change to user enableaccount to be consistent with object action combine with samba-tool user |
||
export | Dumps kerberos keys of the domain into a keytab | keytab | Change to keytab export? to be consistent with object action |
||
fsmo | Makes the target DC transfer or seize fsmo role (server connection needed) | show, transfer, seize | Add options | ||
group | Add or delete groups or add members to or remove members from a group | add,delete,addmembers,removemembers | |||
gpo2 | List group policies | list, listall | |||
join | Join a domain as either a member or a backup domain controller (server connection required) | dns domain | add options | Change command to DOMAIN [JOINDC JOINRODC, JOINMEMBER, options] consistent with object action format. what is the object maybe keep as samba-tool join with implicit object? |
|
ldapcmp | compare two ldap databases | UR1L, URL2 | add options | Change to split into ldap compare. | |
machinepw | get machine PW out of SAM | Change to password machine show? | |||
newuser | combine function with user create | ||||
pwsettings | Sets password settings | set, show | |||
password | set or change password, | set, change | user | re-write into python add machinepw to this command password machine show? | |
setexpiry | Sets the expiration of a user account | [username] | add options | Change to user setexpiry [username]? | |
setpassword | set user password locally, need write access to ldb files | Use password command combine both commands local and remote into one external | |||
time | Retrieve the time on a remote server (server connection needed) | [server-name] | Change format | ||
user | create or delete a user | create, delete | options | Add enable, add setexpiry? | |
vampire | Join and synchronise a remote AD domain to the local server (server connection needed) |
domain | hmmm... |
samba-tool proposal for command syntax changes
Command syntax will follow the format samba-tool <object> <action> parameter(s) <command specific options> <global options> unless otherwise indicated.
<tdObject | Action | Parameter(s) | Specific Options | Global Options | Comments |
---|---|---|---|---|---|
acl | get nt | <file> | --as-sddl --xattr-backend=native|tdb --eadb-file=file |
global options | Could combine get and nt into one action getnt Of leave as get <space> nt for historical purposes |
set nt | <file> | --xattr-backend=native|tdb --eadb-file=file |
global options | Could combine set and nt into one action setnt | |
set ds | <file> | --objectdn=objectdn --car=control right --action=deny|allow --trusteedn=trustee-dn |
global options | Could combine set and ds into one action setds | |
domainlevel | show | global options | |||
raise | -H --quiet --forest --domain |
global options | |||
drs | bind | ||||
kcc | |||||
replicate | |||||
showrepl | |||||
options | |||||
group | add | ||||
delete | |||||
addmembers | |||||
removemembers | |||||
gpo2 | list | ||||
listall | |||||
join | dns domain | add options | global options | What is the object being joined? server? machine? | |
fsmo show | add options | global options | What is the object being shown? domain controller? server? machine? |
||
fsmo transfer | add options | global options | What is the object? | ||
fsmo seize | add options | global options | What is the object? | ||
export | keytab | add options | global options | What is the object? | |
ldap | compare | URL1, URL2 | add options | Change to split into ldap compare. | |
pwsettings | show | ||||
set | add parameters that can be set | ||||
password | set | user | |||
change | user | ||||
time | server-name | Change format? add an optional action: show ? | |||
user | create | username | global options | Changing add to create, can / should make an alias? The help on this command already says add - create a new user create makes more sense, add sounds like it already exists and adding it to a group, for instance opposite of removemembers is addmembers |
|
delete | username | global options | |||
setexpiry | username | -H help | global options | this used to be setexpiry username command | |
--days=int | |||||
--filter=str | |||||
--noexpiry | |||||
enableaccount | username | -H help | global options | this used to be enableaccount username command | |
--filter=str | |||||
vampire | domain | global options | Keep as vampire command for usability / historical purposes Do not change to object action format |