Samba-tool-external: Difference between revisions
From SambaWiki
mNo edit summary |
mNo edit summary |
||
Line 25: | Line 25: | ||
<td>nt(file), ds(directory object)</td> |
<td>nt(file), ds(directory object)</td> |
||
<td>general options</td> |
<td>general options</td> |
||
<td> |
<td></td> |
||
</tr> |
|||
<tr> |
|||
<td>domainlevel</td> |
|||
<td>Raises domain and forest function level</td> |
|||
<td>show or raise</td> |
|||
<td></td> |
|||
<td>add options</td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>drs</td> |
|||
<td>various directory replication services</td> |
|||
<td>bind, kcc, replicate, showrepl, options</td> |
|||
<td></td> |
|||
<td>add options</td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>enableaccount</td> |
|||
<td>enable a user</td> |
|||
<td></td> |
|||
<td>username</td> |
|||
<td></td> |
|||
<td>Change to '''user enableaccount''' to be consistent with object action</td> |
|||
</tr> |
|||
<tr> |
|||
<td>export</td> |
|||
<td>Dumps kerberos keys of the domain into a keytab</td> |
|||
<td>keytab</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td>Change to '''keytab export''' to be consistent with object action</td> |
|||
</tr> |
|||
<tr> |
|||
<td>fsmo</td> |
|||
<td>Makes the target DC transfer or seize fsmo role (server connection needed)</td> |
|||
<td>show, transfer, seize</td> |
|||
<td></td> |
|||
<td>Add options</td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>group</td> |
|||
<td>Add or delete groups or add members to or remove members from a group</td> |
|||
<td>add,delete,addmembers,removemembers</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>gpo2</td> |
|||
<td>List group policies</td> |
|||
<td>list, listall</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>join</td> |
|||
<td>Join a domain as either a member or a backup domain controller (server connection required)</td> |
|||
<td>dns domain</td> |
|||
<td></td> |
|||
<td>add options</td> |
|||
<td>Change command to DOMAIN [JOINDC JOINRODC, JOINMEMBER, options] so consistent with object action format.<br> |
|||
not sure is the object of the join a domain?</td> |
|||
</tr> |
|||
<tr> |
|||
<td>ldapcmp</td> |
|||
<td>compare two ldap databases</td> |
|||
<td>UR1L, URL2</td> |
|||
<td></td> |
|||
<td>add options</td> |
|||
<td>Change to split into ldap compare.</td> |
|||
</tr> |
|||
<tr> |
|||
<td>machinepw</td> |
|||
<td>get machine PW out of SAM</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
<td>Change to '''password machine show'''</td> |
|||
</tr> |
|||
<tr> |
|||
<td>newuser</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
<td>combine function with '''user create'''</td> |
|||
</tr> |
|||
<tr> |
|||
<td>pwsettings</td> |
|||
<td>Sets password settings</td> |
|||
<td>set, show</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
</tr> |
|||
<tr> |
|||
<td>password</td> |
|||
<td>set or change password, </td> |
|||
<td>set, change</td> |
|||
<td>user</td> |
|||
<td></td> |
|||
<td>re-write into python<br>code similar to gpo to tell me local or not<br>add machinepw to this command: password machine show</tr> |
|||
</tr> |
|||
<tr> |
|||
<td>setexpiry</td> |
|||
<td>Sets the expiration of a user account</td> |
|||
<td></td> |
|||
<td>[username]</td> |
|||
<td>add options</td> |
|||
<td>Change to user setexpiry [username]?</td> |
|||
</tr> |
|||
<tr> |
|||
<td>setpassword</td> |
|||
<td>set user password locally, need write access to ldb files</td> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
<td>Use password command<br>combine both commands local and remote into one external</tr> |
|||
</tr> |
|||
<tr> |
|||
<td>time</td> |
|||
<td>Retrieve the time on a remote server (server connection needed)</td> |
|||
<td></td> |
|||
<td>[server-name]</td> |
|||
<td></td> |
|||
<td>Change format</td> |
|||
</tr> |
|||
<tr> |
|||
<td>user</td> |
|||
<td>create or delete a user</td> |
|||
<td></td> |
|||
<td>create, delete</td> |
|||
<td>options</td> |
|||
<td>Add enable, add setexpiry?</td> |
|||
</tr> |
|||
<tr> |
|||
<td>vampire</td> |
|||
<td>Join and synchronise a remote AD domain to the local server (server connection needed)</td> |
|||
<td></td> |
|||
<td>domain</td> |
|||
<td></td> |
|||
<td>hmmm...</td> |
|||
</tr> |
|||
</table> |
|||
<h4>samba-tool proposal for command syntax changes</h4> |
|||
Command syntax will follow the format samba-tool <object> <action> <object/action specific options> <global options> unless otherwise indicated. |
|||
<table border="1"> |
|||
<tr> |
|||
<td>'''Object'''</td> |
|||
<td>'''Description'''</td> |
|||
<td>'''Action'''</td> |
|||
<td>'''Parameter(s)</td> |
|||
<td>'''Specific Options'''</td> |
|||
<td>'''General Options'''</td> |
|||
</tr> |
|||
<tr> |
|||
<td>acl</td> |
|||
<td>get or set acls on a file or directory</td> |
|||
<td>get</td> |
|||
<td>nt</td> |
|||
<td><file></td> |
|||
<td>--as-sddl<br>--xattr-backend=native|tdb<br>--eadb-file=file</td> |
|||
</tr> |
|||
<tr> |
|||
<td></td> |
|||
<td></td> |
|||
<td>set</td> |
|||
<td>nt</td> |
|||
<td><file></td> |
|||
<td>--xattr-backend=native|tdb<br>--eadb-file=file</td> |
|||
</tr> |
|||
<tr> |
|||
<td></td> |
|||
<td></td> |
|||
<td></td> |
|||
<td>ds</td> |
|||
<td><file></td> |
|||
<td>--objectdn=objectdn<br>--car=control right<br>--action=deny|allow<br>--trusteedn=trustee-dn</td> |
|||
</tr> |
|||
</tr> |
</tr> |
||
<tr> |
<tr> |
Revision as of 16:26, 22 April 2011
samba-tool
This wiki page will document the current externals of the samba-tool command with proposed changes to be made for consistency and usability.
The proposed format for all new / existing functions on the samba-tool command are as follows:
samba-tool <object> <action> <options>
Current commands listed in __init__.py in samba 4 Version 4.0.0alpha15-GIT-b12fbc2
samba-tool current commands:
Object | Description | Action | Parameters - specific | Options - general | Proposed Changes |
acl | get or set acls on a file | get set | nt(file), ds(directory object) | general options | |
domainlevel | Raises domain and forest function level | show or raise | add options | ||
drs | various directory replication services | bind, kcc, replicate, showrepl, options | add options | ||
enableaccount | enable a user | username | Change to user enableaccount to be consistent with object action | ||
export | Dumps kerberos keys of the domain into a keytab | keytab | Change to keytab export to be consistent with object action | ||
fsmo | Makes the target DC transfer or seize fsmo role (server connection needed) | show, transfer, seize | Add options | ||
group | Add or delete groups or add members to or remove members from a group | add,delete,addmembers,removemembers | |||
gpo2 | List group policies | list, listall | |||
join | Join a domain as either a member or a backup domain controller (server connection required) | dns domain | add options | Change command to DOMAIN [JOINDC JOINRODC, JOINMEMBER, options] so consistent with object action format. not sure is the object of the join a domain? |
|
ldapcmp | compare two ldap databases | UR1L, URL2 | add options | Change to split into ldap compare. | |
machinepw | get machine PW out of SAM | Change to password machine show | |||
newuser | combine function with user create | ||||
pwsettings | Sets password settings | set, show | |||
password | set or change password, | set, change | user | re-write into python code similar to gpo to tell me local or not add machinepw to this command: password machine show | |
setexpiry | Sets the expiration of a user account | [username] | add options | Change to user setexpiry [username]? | |
setpassword | set user password locally, need write access to ldb files | Use password command combine both commands local and remote into one external | |||
time | Retrieve the time on a remote server (server connection needed) | [server-name] | Change format | ||
user | create or delete a user | create, delete | options | Add enable, add setexpiry? | |
vampire | Join and synchronise a remote AD domain to the local server (server connection needed) | domain | hmmm... |
samba-tool proposal for command syntax changes
Command syntax will follow the format samba-tool <object> <action> <object/action specific options> <global options> unless otherwise indicated.
Object | Description | Action | Parameter(s) | Specific Options | General Options |
acl | get or set acls on a file or directory | get | nt | <file> | --as-sddl --xattr-backend=native|tdb --eadb-file=file |
set | nt | <file> | --xattr-backend=native|tdb --eadb-file=file |
||
ds | <file> | --objectdn=objectdn --car=control right --action=deny|allow --trusteedn=trustee-dn |
|||
domainlevel | Raises domain and forest function level | show or raise | add options | ||
drs | various directory replication services | bind, kcc, replicate, showrepl, options | add options | ||
enableaccount | enable a user | username | Change to user enableaccount to be consistent with object action | ||
export | Dumps kerberos keys of the domain into a keytab | keytab | Change to keytab export to be consistent with object action | ||
fsmo | Makes the target DC transfer or seize fsmo role (server connection needed) | show, transfer, seize | Add options | ||
group | Add or delete groups or add members to or remove members from a group | add,delete,addmembers,removemembers | |||
gpo2 | List group policies | list, listall | |||
join | Join a domain as either a member or a backup domain controller (server connection required) | dns domain | add options | Change command to DOMAIN [JOINDC JOINRODC, JOINMEMBER, options] so consistent with object action format. not sure is the object of the join a domain? |
|
ldapcmp | compare two ldap databases | UR1L, URL2 | add options | Change to split into ldap compare. | |
machinepw | get machine PW out of SAM | Change to password machine show | |||
newuser | combine function with user create | ||||
pwsettings | Sets password settings | set, show | |||
password | set or change password, | set, change | user | re-write into python code similar to gpo to tell me local or not add machinepw to this command: password machine show | |
setexpiry | Sets the expiration of a user account | [username] | add options | Change to user setexpiry [username]? | |
setpassword | set user password locally, need write access to ldb files | Use password command combine both commands local and remote into one external | |||
time | Retrieve the time on a remote server (server connection needed) | [server-name] | Change format | ||
user | create or delete a user | create, delete | options | Add enable, add setexpiry? | |
vampire | Join and synchronise a remote AD domain to the local server (server connection needed) | domain | hmmm... |