1MDSEARCH(1)                      User Commands                     MDSEARCH(1)
2
3
4

NAME

6       mdsearch - Run Spotlight searches against an SMB server
7

SYNOPSIS

9       mdfine {server} {sharename} {query} [-p, --path=STRING] [-L, --live]
10        [-?|--help] [--usage] [-d|--debuglevel=DEBUGLEVEL] [--debug-stdout]
11        [--configfile=CONFIGFILE] [--option=name=value]
12        [-l|--log-basename=LOGFILEBASE] [--leak-report] [--leak-report-full]
13        [-R|--name-resolve=NAME-RESOLVE-ORDER]
14        [-O|--socket-options=SOCKETOPTIONS] [-m|--max-protocol=MAXPROTOCOL]
15        [-n|--netbiosname=NETBIOSNAME] [--netbios-scope=SCOPE]
16        [-W|--workgroup=WORKGROUP] [--realm=REALM]
17        [-U|--user=[DOMAIN/]USERNAME[%PASSWORD]] [-N|--no-pass]
18        [--password=STRING] [--pw-nt-hash] [-A|--authentication-file=FILE]
19        [-P|--machine-pass] [--simple-bind-dn=DN]
20        [--use-kerberos=desired|required|off] [--use-krb5-ccache=CCACHE]
21        [--use-winbind-ccache] [--client-protection=sign|encrypt|off]
22        [-V|--version]
23

DESCRIPTION

25       This tool is part of the samba(1) suite.
26
27       mdsearch is a simple utility to run Spotlight searches against an SMB
28       server that runs the Spotlight mdssvc RPC service.
29

OPTIONS

31       server
32           The SMB server name or IP address to connect to.
33
34       sharename
35           The name of a share on the server.
36
37       query
38           The query expression syntax is a simplified form of filename
39           globbing familiar to shell users. Queries have the following
40           format:
41
42           attribute=="value"
43
44           For queries against a Samba server with Spotlight enabled using the
45           Elasticsearch backend, the list of supported metadata attributes is
46           given by the JSON attribute mapping file, typically installed at
47           /usr/share/samba/mdssvc/elasticsearch_mappings.json
48
49       -p PATH, --path=PATH
50           Server side path to search, defaults to "/"
51
52       -L, --live
53           Query remains running.
54
55       -?|--help
56           Print a summary of command line options.
57
58       --usage
59           Display brief usage message.
60
61       -d|--debuglevel=DEBUGLEVEL
62           level is an integer from 0 to 10. The default value if this
63           parameter is not specified is 1 for client applications.
64
65           The higher this value, the more detail will be logged to the log
66           files about the activities of the server. At level 0, only critical
67           errors and serious warnings will be logged. Level 1 is a reasonable
68           level for day-to-day running - it generates a small amount of
69           information about operations carried out.
70
71           Levels above 1 will generate considerable amounts of log data, and
72           should only be used when investigating a problem. Levels above 3
73           are designed for use only by developers and generate HUGE amounts
74           of log data, most of which is extremely cryptic.
75
76           Note that specifying this parameter here will override the log
77           level parameter in the smb.conf file.
78
79       --debug-stdout
80           This will redirect debug output to STDOUT. By default all clients
81           are logging to STDERR.
82
83       --configfile=<configuration file>
84           The file specified contains the configuration details required by
85           the client. The information in this file can be general for client
86           and server or only provide client specific like options such as
87           client smb encrypt. See smb.conf for more information. The default
88           configuration file name is determined at compile time.
89
90       --option=<name>=<value>
91           Set the smb.conf(5) option "<name>" to value "<value>" from the
92           command line. This overrides compiled-in defaults and options read
93           from the configuration file. If a name or a value includes a space,
94           wrap whole --option=name=value into quotes.
95
96       -l|--log-basename=logdirectory
97           Base directory name for log/debug files. The extension ".progname"
98           will be appended (e.g. log.smbclient, log.smbd, etc...). The log
99           file is never removed by the client.
100
101       --leak-report
102           Enable talloc leak reporting on exit.
103
104       --leak-report-full
105           Enable full talloc leak reporting on exit.
106
107       -V|--version
108           Prints the program version number.
109
110       -U|--user=[DOMAIN\]USERNAME[%PASSWORD]
111           Sets the SMB username or username and password.
112
113           If %PASSWORD is not specified, the user will be prompted. The
114           client will first check the USER environment variable (which is
115           also permitted to also contain the password seperated by a %), then
116           the LOGNAME variable (which is not permitted to contain a password)
117           and if either exists, the value is used. If these environmental
118           variables are not found, the username found in a Kerberos
119           Credentials cache may be used.
120
121           A third option is to use a credentials file which contains the
122           plaintext of the username and password. This option is mainly
123           provided for scripts where the admin does not wish to pass the
124           credentials on the command line or via environment variables. If
125           this method is used, make certain that the permissions on the file
126           restrict access from unwanted users. See the -A for more details.
127
128           Be cautious about including passwords in scripts or passing
129           user-supplied values onto the command line. For security it is
130           better to let the Samba client tool ask for the password if needed,
131           or obtain the password once with kinit.
132
133           While Samba will attempt to scrub the password from the process
134           title (as seen in ps), this is after startup and so is subject to a
135           race.
136
137       -N|--no-pass
138           If specified, this parameter suppresses the normal password prompt
139           from the client to the user. This is useful when accessing a
140           service that does not require a password.
141
142           Unless a password is specified on the command line or this
143           parameter is specified, the client will request a password.
144
145           If a password is specified on the command line and this option is
146           also defined the password on the command line will be silently
147           ignored and no password will be used.
148
149       --password
150           Specify the password on the commandline.
151
152           Be cautious about including passwords in scripts or passing
153           user-supplied values onto the command line. For security it is
154           better to let the Samba client tool ask for the password if needed,
155           or obtain the password once with kinit.
156
157           If --password is not specified, the tool will check the PASSWD
158           environment variable, followed by PASSWD_FD which is expected to
159           contain an open file descriptor (FD) number.
160
161           Finally it will check PASSWD_FILE (containing a file path to be
162           opened). The file should only contain the password. Make certain
163           that the permissions on the file restrict access from unwanted
164           users!
165
166           While Samba will attempt to scrub the password from the process
167           title (as seen in ps), this is after startup and so is subject to a
168           race.
169
170       --pw-nt-hash
171           The supplied password is the NT hash.
172
173       -A|--authentication-file=filename
174           This option allows you to specify a file from which to read the
175           username and password used in the connection. The format of the
176           file is:
177
178                                   username = <value>
179                                   password = <value>
180                                   domain   = <value>
181
182
183           Make certain that the permissions on the file restrict access from
184           unwanted users!
185
186       -P|--machine-pass
187           Use stored machine account password.
188
189       --simple-bind-dn=DN
190           DN to use for a simple bind.
191
192       --use-kerberos=desired|required|off
193           This parameter determines whether Samba client tools will try to
194           authenticate using Kerberos. For Kerberos authentication you need
195           to use dns names instead of IP addresses when connnecting to a
196           service.
197
198           Note that specifying this parameter here will override the client
199           use kerberos parameter in the smb.conf file.
200
201       --use-krb5-ccache=CCACHE
202           Specifies the credential cache location for Kerberos
203           authentication.
204
205           This will set --use-kerberos=required too.
206
207       --use-winbind-ccache
208           Try to use the credential cache by winbind.
209
210       --client-protection=sign|encrypt|off
211           Sets the connection protection the client tool should use.
212
213           Note that specifying this parameter here will override the client
214           protection parameter in the smb.conf file.
215
216           In case you need more fine grained control you can use:
217           --option=clientsmbencrypt=OPTION, --option=clientipcsigning=OPTION,
218           --option=clientsigning=OPTION.
219

EXAMPLES

221       Search all indexed metadata attributes, exact match:
222
223                 '*=="Samba"'
224
225
226       Search all indexed metadata attributes, prefix match:
227
228                 '*=="Samba*"'
229
230
231       Search by filename:
232
233                 'kMDItemFSName=="Samba*"'
234
235
236       Search by date:
237
238                 'kMDItemFSContentChangeDate<$time.iso(2018-10-01T10:00:00Z)'
239
240
241       Search files's content:
242
243                 'kMDItemTextContent=="Samba*"'
244
245
246       Expressions:
247
248                 kMDItemFSName=="Samba*"||kMDItemTextContent=="Tango*"'
249
250

SEE ALSO

252       File Metadata Search Programming Guide
253       https://developer.apple.com/library/archive/documentation/Carbon/Conceptual/SpotlightQuery/Concepts/Introduction.html
254

VERSION

256       This man page is part of version 4.15.2 of the Samba suite.
257

AUTHOR

259       The original Samba software and related utilities were created by
260       Andrew Tridgell. Samba is now developed by the Samba Team as an Open
261       Source project similar to the way the Linux kernel is developed.
262
263       The mdsearch manpage was written by Ralph Boehme.
264
265
266
267Samba 4.15.2                      11/13/2021                       MDSEARCH(1)
Impressum