tsmb-migrate
Winbind backends that save data in persistent storage are tdb and autorid, the migration tool can import the database from one of them, and the corresponding name should be specified in the command line:
Usage: tsmb-migrate [<option>,...] [<command> [<parameter>,...]]
Available Options:
| Option | Description |
|---|---|
-h | Show help information and exit. |
-v | Show version information and exit. |
Available Commands:
| Command | Description |
|---|---|
--get | Get security descriptor |
--set | Set security descriptor |
tsmb-acls --get
This subcommand gets ACLS for a file, or decodes a raw security descriptor.
Usage: tsmb-acls --get [<option>,...] [<path>]
Available Options:
| Option | Description |
|---|---|
--stdin | Read security descriptor from standard input as a hexadecimal character string with optional prefix "hex:". Mutually exclusive with <path> and --map-acls. |
--map-acls <STR> | Method for retrieving ACLs for a given <path>. Supported methods: • xattr[:<variant>]: Get ACLs saved in a dedicated extended attribute, where <variant> is one of: • raw: Self-relative security descriptor in Windows defined native format.• v3: Samba-compatible extended attribute security. NTACL without duplication in POSIX ACL. |
-h, --help | Display help message |
Additional Arguments:
| Argument | Description |
|---|---|
<path> | The path of the file for which to get the ACL. Not applicable with --stdin. |
tsmb-acls --set
Usage: tsmb-acls --set [<option>,...] [<path>] [<sddl-string>]
This subcommand sets ACLS for a file.
Available Options:
| Option | Description |
|---|---|
--map-acls <STR> | Method for storing ACLs for a given <path>. Supported methods: • xattr[:<variant>]: Get ACLs saved in a dedicated extended attribute, where <variant> is one of: • raw: Self-relative security descriptor in Windows defined native format.• v3: Samba-compatible extended attribute security. NTACL without duplication in POSIX ACL. |
-h, --help | Display help message |
Additional Arguments:
| Argument | Description |
|---|---|
<path> | The path of the file for which to get the ACL. |
<sddl-string> | An SDDL string representing the security descriptor to set for the file. |