Samba-tool-external
From SambaWiki
samba-tool
This wiki page will document the current externals of the samba-tool command with proposed changes to be made for consistency and usability.
The proposed format for all new / existing functions on the samba-tool command are as follows:
samba-tool <object> <action> <options>
Current commands listed in __init__.py in samba 4 Version 4.0.0alpha15-GIT-b12fbc2
samba-tools current commands:
Object | Description | Action | Parameters - specific | Options - general | Proposed Changes |
acl | get or set acls on a file | get set | nt(file), ds(directory object) | general options | Should the object be fileacl / dsacl ? |
domainlevel | Raises domain and forest function level | show or raise | add options | ||
drs | various directory replication services | bind, kcc, replicate, showrepl, options | add options | ||
enableaccount | enable a user | username | Change to user enableaccount to be consistent with object action | ||
export | Dumps kerberos keys of the domain into a keytab | keytab | Change to keytab export to be consistent with object action | ||
fsmo | Makes the target DC transfer or seize fsmo role (server connection needed) | show, transfer, seize | Add options | ||
group | Add or delete groups or add members to or remove members from a group | add,delete,addmembers,removemembers | |||
gpo2 | List group policies | list, listall | |||
join | Join a domain as either a member or a backup domain controller (server connection required) | dns domain | add options | Change command to DOMAIN [JOINDC JOINRODC, JOINMEMBER, options] so consistent with object action format. not sure is the object of the join a domain? |
|
ldapcmp | compare two ldap databases | UR1L, URL2 | add options | Change to split into ldap compare. | |
machinepw | get machine PW out of SAM | Change to password machine show | |||
newuser | combine function with user create | ||||
pwsettings | Sets password settings | set, show | |||
password | set or change password, | set, change | user | re-write into python code similar to gpo to tell me local or not add machinepw to this command: password machine show | |
setexpiry | Sets the expiration of a user account | [username] | add options | Change to user setexpiry [username]? | |
setpassword | set user password locally, need write access to ldb files | Use password command combine both commands local and remote into one external | |||
time | Retrieve the time on a remote server (server connection needed) | [server-name] | Change format | ||
user | create or delete a user | create, delete | options | Add enable, add setexpiry? | |
vampire | Join and synchronise a remote AD domain to the local server (server connection needed) | domain | hmmm... |