1SAMBA-TOOL(8) System Administration tools SAMBA-TOOL(8)
2
6 samba-tool - Main Samba administration tool.
7
9 samba-tool [-h] [-W myworkgroup] [-U user] [-d debuglevel] [--v]
10
12 This tool is part of the samba(7) suite.
13
15 -h|--help
16 Show this help message and exit
17 --realm=REALM
19 Set the realm name
20 --simple-bind-dn=DN
22 DN to use for a simple bind
23 --password=PASSWORD
25 Password
26 -U USERNAME|--username=USERNAME
28 Username
29 -W WORKGROUP|--workgroup=WORKGROUP
31 Workgroup
32 -N|--no-pass
34 Don't ask for a password
35 -k KERBEROS|--kerberos=KERBEROS
37 Use Kerberos
38 --ipaddress=IPADDRESS
40 IP address of the server
41 -d|--debuglevel=level
43 level is an integer from 0 to 10. The default value if this
44 parameter is not specified is 1.
45 The higher this value, the more detail will be logged to the log
47 files about the activities of the server. At level 0, only critical
48 errors and serious warnings will be logged. Level 1 is a reasonable
49 level for day-to-day running - it generates a small amount of
50 information about operations carried out.
51 Levels above 1 will generate considerable amounts of log data, and
53 should only be used when investigating a problem. Levels above 3
54 are designed for use only by developers and generate HUGE amounts
55 of log data, most of which is extremely cryptic.
56 Note that specifying this parameter here will override the log
58 level parameter in the smb.conf file.
59 -V|--version
61 Prints the program version number.
62 -s|--configfile=<configuration file>
64 The file specified contains the configuration details required by
65 the server. The information in this file includes server-specific
66 information such as what printcap file to use, as well as
67 descriptions of all the services that the server is to provide. See
68 smb.conf for more information. The default configuration file name
69 is determined at compile time.
70 -l|--log-basename=logdirectory
72 Base directory name for log/debug files. The extension ".progname"
73 will be appended (e.g. log.smbclient, log.smbd, etc...). The log
74 file is never removed by the client.
75 --option=<name>=<value>
77 Set the smb.conf(5) option "<name>" to value "<value>" from the
78 command line. This overrides compiled-in defaults and options read
79 from the configuration file.
80
82 computer
83 Manage computer accounts.
84 computer add computername [options]
86 Add a new computer to the Active Directory Domain.
87 The new computer name specified on the command is the sAMAccountName,
89 with or without the trailing dollar sign.
90 --computerou=COMPUTEROU
92 DN of alternative location (with or without domainDN counterpart)
93 to default CN=Computers in which new computer object will be
94 created. E.g. 'OU=OUname'.
95 --description=DESCRIPTION
97 The new computers's description.
98 --ip-address=IP_ADDRESS_LIST
100 IPv4 address for the computer's A record, or IPv6 address for AAAA
101 record, can be provided multiple times.
102 --service-principal-name=SERVICE_PRINCIPAL_NAME_LIST
104 Computer's Service Principal Name, can be provided multiple times.
105 --prepare-oldjoin
107 Prepare enabled machine account for oldjoin mechanism.
108 computer create computername [options]
110 Add a new computer. This is a synonym for the samba-tool computer add
111 command and is available for compatibility reasons only. Please use
112 samba-tool computer add instead.
113 computer delete computername [options]
115 Delete an existing computer account.
116 The computer name specified on the command is the sAMAccountName, with
118 or without the trailing dollar sign.
119 computer edit computername
121 Edit a computer AD object.
122 The computer name specified on the command is the sAMAccountName, with
124 or without the trailing dollar sign.
125 --editor=EDITOR
127 Specifies the editor to use instead of the system default, or 'vi'
128 if no system default is set.
129 computer list
131 List all computers.
132 computer move computername new_parent_dn [options]
134 This command moves a computer account into the specified organizational
135 unit or container.
136 The computername specified on the command is the sAMAccountName, with
138 or without the trailing dollar sign.
139 The name of the organizational unit or container can be specified as a
141 full DN or without the domainDN component.
142 computer show computername [options]
144 Display a computer AD object.
145 The computer name specified on the command is the sAMAccountName, with
147 or without the trailing dollar sign.
148 --attributes=USER_ATTRS
150 Comma separated list of attributes, which will be printed.
151 contact
153 Manage contacts.
154 contact add [contactname] [options]
156 Add a new contact to the Active Directory Domain.
157 The name of the new contact can be specified by the first argument
159 'contactname' or the --given-name, --initial and --surname arguments.
160 If no 'contactname' is given, contact's name will be made up of the
161 given arguments by combining the given-name, initials and surname. Each
162 argument is optional. A dot ('.') will be appended to the initials
163 automatically.
164 --ou=OU
166 DN of alternative location (with or without domainDN counterpart)
167 in which the new contact will be created. E.g. 'OU=OUname'. Default
168 is the domain base.
169 --description=DESCRIPTION
171 The new contacts's description.
172 --surname=SURNAME
174 Contact's surname.
175 --given-name=GIVEN_NAME
177 Contact's given name.
178 --initials=INITIALS
180 Contact's initials.
181 --display-name=DISPLAY_NAME
183 Contact's display name.
184 --job-title=JOB_TITLE
186 Contact's job title.
187 --department=DEPARTMENT
189 Contact's department.
190 --company=COMPANY
192 Contact's company.
193 --mail-address=MAIL_ADDRESS
195 Contact's email address.
196 --internet-address=INTERNET_ADDRESS
198 Contact's home page.
199 --telephone-number=TELEPHONE_NUMBER
201 Contact's phone number.
202 --mobile-number=MOBILE_NUMBER
204 Contact's mobile phone number.
205 --physical-delivery-office=PHYSICAL_DELIVERY_OFFICE
207 Contact's office location.
208 contact create [contactname] [options]
210 Add a new contact. This is a synonym for the samba-tool contact add
211 command and is available for compatibility reasons only. Please use
212 samba-tool contact add instead.
213 contact delete contactname [options]
215 Delete an existing contact.
216 The contactname specified on the command is the common name or the
218 distinguished name of the contact object. The distinguished name of the
219 contact can be specified with or without the domainDN component.
220 contact edit contactname
222 Modify a contact AD object.
223 The contactname specified on the command is the common name or the
225 distinguished name of the contact object. The distinguished name of the
226 contact can be specified with or without the domainDN component.
227 --editor=EDITOR
229 Specifies the editor to use instead of the system default, or 'vi'
230 if no system default is set.
231 contact list [options]
233 List all contacts.
234 --full-dn
236 Display contact's full DN instead of the name.
237 contact move contactname new_parent_dn [options]
239 This command moves a contact into the specified organizational unit or
240 container.
241 The contactname specified on the command is the common name or the
243 distinguished name of the contact object. The distinguished name of the
244 contact can be specified with or without the domainDN component.
245 contact show contactname [options]
247 Display a contact AD object.
248 The contactname specified on the command is the common name or the
250 distinguished name of the contact object. The distinguished name of the
251 contact can be specified with or without the domainDN component.
252 --attributes=CONTACT_ATTRS
254 Comma separated list of attributes, which will be printed.
255 contact rename contactname [options]
257 Rename a contact and related attributes.
258 This command allows to set the contact's name related attributes. The
260 contact's CN will be renamed automatically. The contact's new CN will
261 be made up by combining the given-name, initials and surname. A dot
262 ('.') will be appended to the initials automatically, if required. Use
263 the --force-new-cn option to specify the new CN manually and --reset-cn
264 to reset this change.
265 Use an empty attribute value to remove the specified attribute.
267 The contact name specified on the command is the CN.
269 --surname=SURNAME
271 New surname.
272 --given-name=GIVEN_NAME
274 New given name.
275 --initials=INITIALS
277 New initials.
278 --force-new-cn=NEW_CN
280 Specify a new CN (RDN) instead of using a combination of the given
281 name, initials and surname.
282 --reset-cn
284 Set the CN to the default combination of given name, initials and
285 surname.
286 --display-name=DISPLAY_NAME
288 New display name.
289 --mail-address=MAIL_ADDRESS
291 New email address.
292 dbcheck
294 Check the local AD database for errors.
295 delegation
297 Manage Delegations.
298 delegation add-service accountname principal [options]
300 Add a service principal as msDS-AllowedToDelegateTo.
301 delegation del-service accountname principal [options]
303 Delete a service principal as msDS-AllowedToDelegateTo.
304 delegation for-any-protocol accountname [(on|off)] [options]
306 Set/unset UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION (S4U2Proxy) for an
307 account.
308 delegation for-any-service accountname [(on|off)] [options]
310 Set/unset UF_TRUSTED_FOR_DELEGATION for an account.
311 delegation show accountname [options]
313 Show the delegation setting of an account.
314 dns
316 Manage Domain Name Service (DNS).
317 dns add server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT data
319 Add a DNS record.
320 dns delete server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT data
322 Delete a DNS record.
323 dns query server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT|ALL [options]
325 data
326 Query a name.
327 dns roothints server [name] [options]
329 Query root hints.
330 dns serverinfo server [options]
332 Query server information.
333 dns update server zone name A|AAAA|PTR|CNAME|NS|MX|SRV|TXT olddata newdata
335 Update a DNS record.
336 dns zonecreate server zone [options]
338 Create a zone.
339 dns zonedelete server zone [options]
341 Delete a zone.
342 dns zoneinfo server zone [options]
344 Query zone information.
345 dns zonelist server [options]
347 List zones.
348 domain
350 Manage Domain.
351 domain backup
353 Create or restore a backup of the domain.
354 domain backup offline
356 Backup (with proper locking) local domain directories into a tar file.
357 domain backup online
359 Copy a running DC's current DB into a backup tar file.
360 domain backup rename
362 Copy a running DC's DB to backup file, renaming the domain in the
363 process.
364 domain backup restore
366 Restore the domain's DB from a backup-file.
367 domain classicupgrade [options] classic_smb_conf
369 Upgrade from Samba classic (NT4-like) database to Samba AD DC database.
370 domain dcpromo dnsdomain [DC|RODC] [options]
372 Promote an existing domain member or NT4 PDC to an AD DC.
373 domain demote
375 Demote ourselves from the role of domain controller.
376 domain exportkeytab keytab [options]
378 Dumps Kerberos keys of the domain into a keytab.
379 domain info ip_address [options]
381 Print basic info about a domain and the specified DC.
382 domain join dnsdomain [DC|RODC|MEMBER|SUBDOMAIN] [options]
384 Join a domain as either member or backup domain controller.
385 domain level show|raise options [options]
387 Show/raise domain and forest function levels.
388 domain passwordsettings show|set options [options]
390 Show/set password settings.
391 domain passwordsettings pso
393 Manage fine-grained Password Settings Objects (PSOs).
394 domain passwordsettings pso apply pso-name user-or-group-name [options]
396 Applies a PSO's password policy to a user or group.
397 domain passwordsettings pso create pso-name precedence [options]
399 Creates a new Password Settings Object (PSO).
400 domain passwordsettings pso delete pso-name [options]
402 Deletes a Password Settings Object (PSO).
403 domain passwordsettings pso list [options]
405 Lists all Password Settings Objects (PSOs).
406 domain passwordsettings pso set pso-name [options]
408 Modifies a Password Settings Object (PSO).
409 domain passwordsettings pso show user-name [options]
411 Displays a Password Settings Object (PSO).
412 domain passwordsettings pso show-user pso-name [options]
414 Displays the Password Settings that apply to a user.
415 domain passwordsettings pso unapply pso-name user-or-group-name [options]
417 Updates a PSO to no longer apply to a user or group.
418 domain provision
420 Promote an existing domain member or NT4 PDC to an AD DC.
421 domain trust
423 Domain and forest trust management.
424 domain trust create DOMAIN options [options]
426 Create a domain or forest trust.
427 domain trust delete DOMAIN options [options]
429 Delete a domain trust.
430 domain trust list options [options]
432 List domain trusts.
433 domain trust namespaces [DOMAIN] options [options]
435 Manage forest trust namespaces.
436 domain trust show DOMAIN options [options]
438 Show trusted domain details.
439 domain trust validate DOMAIN options [options]
441 Validate a domain trust.
442 drs
444 Manage Directory Replication Services (DRS).
445 drs bind
447 Show DRS capabilities of a server.
448 drs kcc
450 Trigger knowledge consistency center run.
451 drs options
453 Query or change options for NTDS Settings object of a domain
454 controller.
455 drs replicate destination_DC source_DC NC [options]
457 Replicate a naming context between two DCs.
458 drs showrepl
460 Show replication status. The [--json] option results in JSON output,
461 and with the [--summary] option produces very little output when the
462 replication status seems healthy.
463 dsacl
465 Administer DS ACLs
466 dsacl set
468 Modify access list on a directory object.
469 forest
471 Manage Forest configuration.
472 forest directory_service
474 Manage directory_service behaviour for the forest.
475 forest directory_service dsheuristics VALUE
477 Modify dsheuristics directory_service configuration for the forest.
478 forest directory_service show
480 Show current directory_service configuration for the forest.
481 fsmo
483 Manage Flexible Single Master Operations (FSMO).
484 fsmo seize [options]
486 Seize the role.
487 fsmo show
489 Show the roles.
490 fsmo transfer [options]
492 Transfer the role.
493 gpo
495 Manage Group Policy Objects (GPO).
496 gpo create displayname [options]
498 Create an empty GPO.
499 gpo del gpo [options]
501 Delete GPO.
502 gpo dellink container_dn gpo [options]
504 Delete GPO link from a container.
505 gpo fetch gpo [options]
507 Download a GPO.
508 gpo getinheritance container_dn [options]
510 Get inheritance flag for a container.
511 gpo getlink container_dn [options]
513 List GPO Links for a container.
514 gpo list username [options]
516 List GPOs for an account.
517 gpo listall
519 List all GPOs.
520 gpo listcontainers gpo [options]
522 List all linked containers for a GPO.
523 gpo setinheritance container_dn block|inherit [options]
525 Set inheritance flag on a container.
526 gpo setlink container_dn gpo [options]
528 Add or Update a GPO link to a container.
529 gpo show gpo [options]
531 Show information for a GPO.
532 group
534 Manage groups.
535 group add groupname [options]
537 Create a new AD group.
538 group create groupname [options]
540 Add a new AD group. This is a synonym for the samba-tool group add
541 command and is available for compatibility reasons only. Please use
542 samba-tool group add instead.
543 group addmembers groupname members [options]
545 Add members to an AD group.
546 group delete groupname [options]
548 Delete an AD group.
549 group edit groupname
551 Edit a group AD object.
552 --editor=EDITOR
554 Specifies the editor to use instead of the system default, or 'vi'
555 if no system default is set.
556 group list
558 List all groups.
559 group listmembers groupname [options]
561 List all members of the specified AD group.
562 By default the sAMAccountNames are listed. If no sAMAccountName is
564 available, the CN will be used instead.
565 --full-dn
567 List the distinguished names instead of the sAMAccountNames.
568 --hide-expired
570 Do not list expired group members.
571 --hide-disabled
573 Do not list disabled group members.
574 group move groupname new_parent_dn [options]
576 This command moves a group into the specified organizational unit or
577 container.
578 The groupname specified on the command is the sAMAccountName.
580 The name of the organizational unit or container can be specified as a
582 full DN or without the domainDN component.
583 group removemembers groupname members [options]
585 Remove members from the specified AD group.
586 group show groupname [options]
588 Show group object and it's attributes.
589 group stats [options]
591 Show statistics for overall groups and group memberships.
592 group rename groupname [options]
594 Rename a group and related attributes.
595 This command allows to set the group's name related attributes. The
597 group's CN will be renamed automatically. The group's CN will be the
598 sAMAccountName. Use the --force-new-cn option to specify the new CN
599 manually and the --reset-cn to reset this change.
600 Use an empty attribute value to remove the specified attribute.
602 The groupname specified on the command is the sAMAccountName.
604 --force-new-cn=NEW_CN
606 Specify a new CN (RDN) instead of using the sAMAccountName.
607 --reset-cn
609 Set the CN to the sAMAccountName.
610 --mail-address=MAIL_ADDRESS
612 New mail address
613 --samaccountname=SAMACCOUNTNAME
615 New account name (sAMAccountName/logon name)
616 ldapcmp URL1 URL2 domain|configuration|schema|dnsdomain|dnsforest [options]
618 Compare two LDAP databases.
619 ntacl
621 Manage NT ACLs.
622 ntacl changedomsid original-domain-SID new-domain-SID file [options]
624 Change the domain SID for ACLs. Can be used to change all entries in
625 acl_xattr when the machine's SID has accidentally changed or the data
626 set has been copied to another machine either via backup/restore or
627 rsync.
628 --use-ntvfs
630 Set the ACLs directly to the TDB or xattr. The POSIX permissions
631 will NOT be changed, only the NT ACL will be stored.
632 --service=SERVICE
634 Specify the name of the smb.conf service to use. This option is
635 required in combination with the --use-s3fs option.
636 --use-s3fs
638 Set the ACLs for use with the default s3fs file server via the VFS
639 layer. This option requires a smb.conf service, specified by the
640 --service=SERVICE option.
641 --xattr-backend=[native|tdb]
643 Specify the xattr backend type (native fs or tdb).
644 --eadb-file=EADB_FILE
646 Name of the tdb file where attributes are stored.
647 --recursive
649 Set the ACLs for directories and their contents recursively.
650 --follow-symlinks
652 Follow symlinks when --recursive is specified.
653 --verbose
655 Verbosely list files and ACLs which are being processed.
656 ntacl get file [options]
658 Get ACLs on a file.
659 ntacl set acl file [options]
661 Set ACLs on a file.
662 ntacl sysvolcheck
664 Check sysvol ACLs match defaults (including correct ACLs on GPOs).
665 ntacl sysvolreset
667 Reset sysvol ACLs to defaults (including correct ACLs on GPOs).
668 ou
670 Manage organizational units (OUs).
671 ou add ou_dn [options]
673 Add a new organizational unit.
674 The name of the organizational unit can be specified as a full DN or
676 without the domainDN component.
677 --description=DESCRIPTION
679 Specify OU's description.
680 ou create ou_dn [options]
682 Add a new organizational unit. This is a synonym for the samba-tool ou
683 add command and is available for compatibility reasons only. Please use
684 samba-tool ou add instead.
685 ou delete ou_dn [options]
687 Delete an organizational unit.
688 The name of the organizational unit can be specified as a full DN or
690 without the domainDN component.
691 --force-subtree-delete
693 Delete organizational unit and all children reclusively.
694 ou list [options]
696 List all organizational units.
697 --full-dn
699 Display DNs including the base DN.
700 ou listobjects ou_dn [options]
702 List all objects in an organizational unit.
703 The name of the organizational unit can be specified as a full DN or
705 without the domainDN component.
706 --full-dn
708 Display DNs including the base DN.
709 -r|--recursive
711 List objects recursively.
712 ou move old_ou_dn new_parent_dn [options]
714 Move an organizational unit.
715 The name of the organizational units can be specified as a full DN or
717 without the domainDN component.
718 ou rename old_ou_dn new_ou_dn [options]
720 Rename an organizational unit.
721 The name of the organizational units can be specified as a full DN or
723 without the domainDN component.
724 rodc
726 Manage Read-Only Domain Controller (RODC).
727 rodc preload SID|DN|accountname [options]
729 Preload one account for an RODC.
730 schema
732 Manage and query schema.
733 schema attribute modify attribute [options]
735 Modify the behaviour of an attribute in schema.
736 schema attribute show attribute [options]
738 Display an attribute schema definition.
739 schema attribute show_oc attribute [options]
741 Show objectclasses that MAY or MUST contain this attribute.
742 schema objectclass show objectclass [options]
744 Display an objectclass schema definition.
745 sites
747 Manage sites.
748 sites create site [options]
750 Create a new site.
751 sites remove site [options]
753 Delete an existing site.
754 spn
756 Manage Service Principal Names (SPN).
757 spn add name user [options]
759 Create a new SPN.
760 spn delete name [user] [options]
762 Delete an existing SPN.
763 spn list user [options]
765 List SPNs of a given user.
766 testparm
768 Check the syntax of the configuration file.
769 time
771 Retrieve the time on a server.
772 user
774 Manage users.
775 user add username [password]
777 Add a new user to the Active Directory Domain.
778 user create username [password]
780 Add a new user. This is a synonym for the samba-tool user add command
781 and is available for compatibility reasons only. Please use samba-tool
782 user add instead.
783 user delete username [options]
785 Delete an existing user account.
786 user disable username
788 Disable a user account.
789 user edit username
791 Edit a user account AD object.
792 --editor=EDITOR
794 Specifies the editor to use instead of the system default, or 'vi'
795 if no system default is set.
796 user enable username
798 Enable a user account.
799 user list
801 List all users.
802 By default the user's sAMAccountNames are listed.
804 --full-dn
806 List user's distinguished names instead of the sAMAccountNames.
807 -b BASE_DN|--base-dn=BASE_DN
809 Specify base DN to use. Only users under the specified base DN will
810 be listed.
811 --hide-expired
813 Do not list expired user accounts.
814 --hide-disabled
816 Do not list disabled user accounts.
817 user setprimarygroup username primarygroupname
819 Set the primary group a user account.
820 user getgroups username
822 Get the direct group memberships of a user account.
823 user show username [options]
825 Display a user AD object.
826 --attributes=USER_ATTRS
828 Comma separated list of attributes, which will be printed.
829 user move username new_parent_dn [options]
831 This command moves a user account into the specified organizational
832 unit or container.
833 The username specified on the command is the sAMAccountName.
835 The name of the organizational unit or container can be specified as a
837 full DN or without the domainDN component.
838 user password [options]
840 Change password for a user account (the one provided in
841 authentication).
842 user rename username [options]
844 Rename a user and related attributes.
845 This command allows to set the user's name related attributes. The
847 user's CN will be renamed automatically. The user's new CN will be made
848 up by combining the given-name, initials and surname. A dot ('.') will
849 be appended to the initials automatically, if required. Use the
850 --force-new-cn option to specify the new CN manually and --reset-cn to
851 reset this change.
852 Use an empty attribute value to remove the specified attribute.
854 The username specified on the command is the sAMAccountName.
856 --surname=SURNAME
858 New surname
859 --given-name=GIVEN_NAME
861 New given name
862 --initials=INITIALS
864 New initials
865 --force-new-cn=NEW_CN
867 Specify a new CN (RDN) instead of using a combination of the given
868 name, initials and surname.
869 --reset-cn
871 Set the CN to the default combination of given name, initials and
872 surname.
873 --display-name=DISPLAY_NAME
875 New display name
876 --mail-address=MAIL_ADDRESS
878 New email address
879 --samaccountname=SAMACCOUNTNAME
881 New account name (sAMAccountName/logon name)
882 --upn=UPN
884 New user principal name
885 user setexpiry username [options]
887 Set the expiration of a user account.
888 user setpassword username [options]
890 Sets or resets the password of a user account.
891 user unlock username [options]
893 This command unlocks a user account in the Active Directory domain.
894 user getpassword username [options]
896 Gets the password of a user account.
897 user syncpasswords --cache-ldb-initialize [options]
899 Syncs the passwords of all user accounts, using an optional script.
900 Note that this command should run on a single domain controller only
902 (typically the PDC-emulator).
903 vampire [options] domain
905 Join and synchronise a remote AD domain to the local server. Please
906 note that samba-tool vampire is deprecated, please use samba-tool
907 domain join instead.
908 visualize [options] subcommand
910 Produce graphical representations of Samba network state. To work out
911 what is happening in a replication graph, it is sometimes helpful to
912 use visualisations.
913 There are two subcommands, two graphical modes, and (roughly) two modes
915 of operation with respect to the location of authority.
916 MODES OF OPERATION
918 samba-tool visualize ntdsconn
919 Looks at NTDS connections.
920 samba-tool visualize reps
922 Looks at repsTo and repsFrom objects.
923 samba-tool visualize uptodateness
925 Looks at replication lag as shown by the uptodateness vectors.
926 GRAPHICAL MODES
928 --distance
929 Distances between DCs are shown in a matrix in the terminal.
930 --dot
932 Generate Graphviz dot output (for ntdsconn and reps modes). When
933 viewed using dot or xdot, this shows the network as a graph with
934 DCs as vertices and connections edges. Certain types of degenerate
935 edges are shown in different colours or line-styles.
936 --xdot
938 Generate Graphviz dot output as with [--dot] and attempt to view it
939 immediately using /usr/bin/xdot.
940 -r
942 Normally, samba-tool talks to one database; with the [-r] option
943 attempts are made to contact all the DCs known to the first
944 database. This is necessary for samba-tool visualize uptodateness
945 and for samba-tool visualize reps because the repsFrom/To objects
946 are not replicated, and it can reveal replication issues in other
947 modes.
948 help
950 Gives usage information.
951
953 This man page is complete for version 4.14.5 of the Samba suite.
954
956 The original Samba software and related utilities were created by
957 Andrew Tridgell. Samba is now developed by the Samba Team as an Open
958 Source project similar to the way the Linux kernel is developed.
959Samba 4.14.5 06/01/2021 SAMBA-TOOL(8)