Gerenciando usuários com comando NET SAM - Samba 3.0.28

Segue abaixo todos os comandos disponíveis pelo samba via linha de comando para gerenciar usuários:

SAM CREATELOCALGROUP
Create a LOCAL group (also known as Alias). This command requires a running Winbindd with idmap allocation properly configured. The group gid will be allocated out of the winbindd range.

SAM DELETELOCALGROUP
Delete an existing LOCAL group (also known as Alias).

SAM MAPUNIXGROUP
Map an existing Unix group and make it a Domain Group, the domain group will have the same name.

SAM UNMAPUNIXGROUP
Remove an existing group mapping entry.

SAM ADDMEM
Add a member to a Local group. The group can be specified only by name, the member can be specified by name or SID.

SAM DELMEM
Remove a member from a Local group. The group and the member must be specified by name.

SAM LISTMEM
List Local group members. The group must be specified by name.

SAM LIST [verbose]
List the specified set of accounts by name. If verbose is specified, the rid and description is also provided for each account.

SAM SHOW
Show the full DOMAIN\NAME the SID and the type for the corrisponding account.

SAM SET HOMEDIR
Set the home directory for a user account.

SAM SET PROFILEPATH
Set the profile path for a user account.

SAM SET COMMENT (comment)
Set the comment for a user or group account.

SAM SET FULLNAME
Set the full name for a user account.

SAM SET LOGONSCRIPT (script)
Set the logon script for a user account.

SAM SET HOMEDRIVE
Set the home drive for a user account.

SAM SET WORKSTATIONS
Set the workstations a user account is allowed to log in from.

SAM SET DISABLE
Set the "disabled" flag for a user account.

SAM SET PWNOTREQ
Set the "password not required" flag for a user account.

SAM SET AUTOLOCK
Set the "autolock" flag for a user account.

SAM SET PWNOEXP
Set the "password do not expire" flag for a user account.

SAM SET PWMUSTCHANGENOW [yesno]
Set or unset the "password must change" flag fro a user account.

SAM POLICY LIST
List the avilable account policies.

SAM POLICY SHOW
Show the account policy value.

SAM POLICY SET
Set a value for the account policy. Valid values can be: "forever", "never", "off", or a number.

SAM PROVISION
Only available if ldapsam:editposix is set and winbindd is running. Properly populates the ldap tree with the basic accounts (Administrator) and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree.