Name
rpcclient commands
Synopsis
Aside from a few miscellaneous commands, the rpclient commands fall into three groups: LSARPC, SAMR, and SPOOLSS. The function names mentioned in some of the commands are those documented in the Microsoft Platform SDK.
General commands
-
debuglevel
level
Sets the debugging level to
level
. With no argument, the current debugging level is printed.-
help
Prints help on the commands.
-
quit
Exits rpcclient. A synonym is
exit
.
Local Security Authority Remote Procedure Calls (LSARPC) commands
-
enumprivs
Lists the types of privileges known to this domain.
-
enumtrust
Lists the domains trusted by this domain.
-
getdispname
priv_name
Prints information on the privilege named
priv_name
.-
lookupsids
name
Finds a name that corresponds to a security identifier (SID).
-
lookupnames
sid
Finds the SID for one or more names.
-
lsaquery
Queries the LSA object.
-
lsaenumsid
Lists SIDs for the local LSA.
-
lsaquerysecobj
Prints information on security objects for the LSA.
Security Access Manager RPC (SAMR) commands
-
createdomuser
username
Adds a new user in the domain.
-
deletedomuser
username
Removes a user from the domain.
-
enumalsgroups
type
Lists alias groups in the domain, along with their group RIDs. The
type
argument can be eitherbuiltin
, to list Windows built-in groups such asAdministrators
andPower
Users
, ordomain
, to list groups in the domain. See also the queryuseraliases command.-
enumdomgroups
Lists the groups in the domain, along with their group RIDs.
-
queryaliasmem
user_rid
Get Using Samba, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.