Linux and Unix smbclient command

Quick links

About smbclient
Syntax
Examples
Related commands
Linux and Unix main page

About smbclient

An ftp-like client to access SMB/CIFS resources on servers.

Description

smbclient is a client that is part of the Samba software suite. It communicates with a LAN Manager server, offering an interface similar to that of the ftp program. Operations include things like getting files from the server to the local machine, putting files from the local machine to the server, retrieving directory information from the server and so on.

Syntax

smbclient servicename [ password ] [ -A ] [ -E ] [ -L host ] [ -M host ] 
          [ -I IP number ] [ -N ] [ -P ] [ -U username ] [ -d debuglevel ] 
          [ -l log basename ] [ -n netbios name ] [ -W workgroup ] 
          [ -O socket options ] [ -p port number ] [ -c command string ] 
          [ -T tar options ] [ -D initial directory ]

Options

servicename servicename is the name of the service you want to use on the server. A service name takes the form \\server\service where server is the netbios name of the LAN Manager server offering the desired service and service is the name of the service offered. So to connect to the service "printer" on the LAN Manager server "lanman", you would use the servicename \\lanman\printer.

Note that the server name required isn't necessarily the hostname of the server. The name required is a LAN Manager server name, which may or may not be the same as the hostname of the machine running the server.
password password is the password required to access the specified service on the specified server. If supplied, the -N option (suppress password prompt) is assumed.

There is no default password. If no password is supplied on the command line (either here or using the -U option (see below)) and -N is not specified, the client will prompt for a password, even if the desired service does not require one. (If no password is required, simply press ENTER to provide a null password.)

Note: Some servers (including OS/2 and Windows for Workgroups) insist on an uppercase password. Lowercase or mixed case passwords may be rejected by these servers. Be cautious about including passwords in scripts.
-A This parameter, if specified, causes the maximum debug level to be selected. Be warned that this generates prodigious amounts of debug data. There is also a security issue involved, as at the maximum debug level cleartext passwords may be written to some log files.
-L This option allows you to look at what services are available on a server. You use it as "smbclient -L host" and a list should appear. The -I option may be useful if your netbios names don't match your tcp/ip host names or if you are trying to reach a host on another network. For example:

smbclient -L ftp -I ftp.microsoft.com
will list the shares available on Microsoft's public server.
-M This options allows you to send messages, using the "WinPopup" protocol, to another computer. Once a connection is established you then type your message, pressing ^D (control-D) to end.

If the receiving computer is running WinPopup the user will receive the message and probably a beep. If they are not running WinPopup the message will be lost, and no error message will occur.

The message is also automatically truncated if the message is over 1600 bytes, as this is the limit of the protocol.

One useful trick is to cat the message through smbclient. For example:

cat mymessage.txt | smbclient -M FRED

will send the message in the file "mymessage.txt" to the machine FRED.

You may also find the -U and -I options useful, as they allow you to control the FROM and TO parts of the message.

See the message command section of smb.conf(5) for a description of how to handle incoming WinPopup messages in Samba.

Copy WinPopup into the startup group on your WfWg PCs if you want them to always be able to receive messages.
-E This parameter, if specified, causes the client to write messages to the standard error stream (stderr) rather than to the standard output stream.

By default, the client writes messages to standard output, typically the user's tty.
-I IP number IP number represents the IP number of the server to connect to. It should be specified in standard "a.b.c.d" notation.

Normally the client will attempt to locate the specified LAN Manager server by looking it up: that is, broadcasting a request for the given server to identify itself. Using this parameter will force the client to assume that the server is on the machine with the specified IP number.

There is no default for this parameter. If not supplied, it will be determined automatically by the client as described above.
-N If specified, this parameter suppresses the normal password prompt from the client to the user. This is useful when accessing a service that does not require a password.

Unless a password is specified on the command line or this parameter is specified, the client will request a password.
-O socket options See the socket options section of smb.conf(5) for details.
-P If specified, the service requested will be connected to as a printer service rather than as a normal filespace service. Operations such as put and get will not be applicable for such a connection.

By default, services will be connected to as NON-printer services.
-U username username is the user name that will be used by the client to make a connection, assuming your server is running a protocol that allows for usernames.

Some servers are fussy about the case of this name, and some insist that it must be a valid netbios name.

If no username is supplied, it will default to an uppercase version of the environment variable USER or LOGNAME in that order. If no username is supplied and neither environment variable exists the user name will be empty.

If the service you are connecting to requires a password, it can be supplied using the -U option, by appending a percent symbol ("%") then the password to username. For example, to attach to a service as user "fred" with password "secret", you would specify -U fred%secret on the command line. Note that there are no spaces around the percent symbol.

If you specify the password as part of username then the -N option (suppress password prompt) is assumed.

If you specify the password as a parameter AND as part of username then the password as part of username will take precedence. Putting nothing before or nothing after the percent symbol will cause an empty username or an empty password to be used, respectively.

Note: Some servers (including OS/2 and Windows for Workgroups) insist on an uppercase password. Lowercase or mixed case passwords may be rejected by these servers.

Be cautious about including passwords in scripts.
-d debuglevel debuglevel is an integer from 0 to 5.

The default value if this parameter is not specified is zero.

The higher this value, the more detail will be logged to the log files about the activities of the client. At level 0, only critical errors and serious warnings will be logged. Level 1 is a reasonable level for day to day running - it generates a small amount of information about operations carried out.

Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.
-l log basename If specified, log basename specifies a base filename into which operational data from the running client will be logged.

The default base name is specified at compile time.

The base name is used to generate actual log file names. For example, if the name specified was "log", the following files would be used for log data:

log.client.debug (containing debugging information)

log.client.in (containing inbound transaction data)

log.client.out (containing outbound transaction data)

The log files generated are never removed by the client.
-n netbios name By default, the client will use the local machine's hostname (in uppercase) as its netbios name. This parameter allows you to override the host name and use whatever netbios name you want.
-W workgroup Override what workgroup is used for the connection. This may be needed to connect to some servers.
-p port number port number is a positive integer value.

The default value if this parameter is not specified is 139.

This number is the port number that will be used when making connections to the server. The standard (well-known) port number for the server is 139, hence the default.

This parameter is not normally specified.
-T tar options where tar options consists of one or more of c, x, I, X, b, g, N or a; used as:

smbclient '\\server\share' -TcxIXbgNa [ blocksize ] [ newer-file ] 
          tarfile [ filenames.... ] 
c: Create a tar file on UNIX. Must be followed by the name of a tar file, tape device or "-" for standard output. (May be useful to set debugging low (-d0)) to avoid corrupting your tar file if using "-"). Mutually exclusive with the x flag.

x: Extract (restore) a local tar file back to a share. Unless the -D option is given, the tar files will be restored from the top level of the share. Must be followed by the name of the tar file, device or "-" for standard input. Mutually exclusive with the c flag.

I: Include files and directories. Is the default behavior when filenames are specified above. Causes tar files to be included in an "extract" or "create" (and therefore everything else to be excluded). See example below. Filename globbing does not work for included files for extractions (yet).

X: Exclude files and directories. Causes tar files to be excluded from an extract or create. See example below. Filename globbing does not work for excluded files (yet).

b: Blocksize. Must be followed by a valid (greater than zero) blocksize. Causes tar file to be written out in blocksize*TBLOCK (usually 512 byte) blocks.

g: Incremental. Only back up files that have the archive bit set. Useful only with the c flag.

N: Newer than. Must be followed by the name of a file whose date is compared against files found on the share during a create. Only files newer than the file specified are backed up to the tar file. Useful only with the c flag.

a: Set archive bit. Causes the archive bit to be reset when a file is backed up. Useful with the g (and c) flags.

Examples:

smbclient '\\mypc\myshare' "" -N -Tx backup.tar
Restore from tar file backup.tar into myshare on mypc (no password on share).

smbclient '\\mypc\myshare' "" -N -TXx backup.tar users/docs
Restore everything except users/docs

smbclient '\\mypc\myshare' "" -N -Tc backup.tar users/docs
Create a tar file of the files beneath users/docs.
-D initial directory Change to initial directory before starting. Probably only of any use with the tar (-T) option.
-c command string command string is a semicolon-separated list of commands to be executed instead of prompting from stdin. -N is implied by -c.

This is particularly useful in scripts and for printing stdin to the server, e.g. -c 'print -'.

Operations

Once the client is running, the user is presented with a prompt, "smb: \>". The backslash ("\") indicates the current working directory on the server, and will change if the current working directory is changed.

The prompt indicates that the client is ready and waiting to carry out a user command. Each command is a single word, optionally followed by parameters specific to that command. Command and parameters are space-delimited unless these notes specifically state otherwise. All commands are case-insensitive. Parameters to commands may or may not be case sensitive, depending on the command.

You can specify file names which have spaces in them by quoting the name with double quotes, for example "a long file name".

Parameters shown in square brackets (eg., "[parameter]") are optional. If not given, the command will use suitable defaults. Parameters shown in angle brackets (eg., "<parameter>") are required.

Note that all commands operating on the server are actually performed by issuing a request to the server. Thus the behavior may vary from server to server, depending on how the server was implemented.

The commands available are given here in alphabetical order.

? [command] If command is specified, the ? command will display a brief informative message about the specified command.

If no command is specified, a list of available commands will be displayed.
! [shell command] If shell command is specified, the ! command will execute a shell locally and run the specified shell command. If no command is specified, a shell will be run.
cd [directory name] If directory name is specified, the current working directory on the server will be changed to the directory specified. This operation will fail if for any reason the specified directory is inaccessible.

If no directory name is specified, the current working directory on the server will be reported.
del mask The client will request that the server attempt to delete all files matching mask from the current working directory on the server.
dir mask A list of the files matching mask in the current working directory on the server will be retrieved from the server and displayed.
exit Terminate the connection with the server and exit from the program.
get remote-file-name [local-file-name] Copy the file called remote-file-name from the server to the machine running the client. If specified, name the local copy local-file-name. Note that all transfers in smbclient are binary. See also the lowercase command.
help [command] Same as the ? command.
lcd [directory name] If directory name is specified, the current working directory on the local machine will be changed to the directory specified. This operation will fail if for any reason the specified directory is inaccessible.

If no directory name is specified, the name of the current working directory on the local machine will be reported.
lowercase Toggle lowercasing of filenames for the get and mget commands.

When lowercasing is toggled ON, local filenames are converted to lowercase when using the get and mget commands. This is often useful when copying (for instance) MSDOS files from a server, because lowercase filenames are the norm on UNIX systems.
ls mask Same as the dir command.
mask mask This command allows the user to set up a mask which will be used during recursive operation of the mget and mput commands.

The masks specified to the mget and mput commands act as filters for directories rather than files when recursion is toggled ON.

The mask specified with the mask command is necessary to filter files within those directories. For example, if the mask specified in an mget command is "source*" and the mask specified with the mask command is "*.c" and recursion is toggled ON, the mget command will retrieve all files matching "*.c" in all directories below and including all directories matching "source*" in the current working directory.

Note that the value for mask defaults to blank (equivalent to "*") and remains so until the mask command is used to change it. It retains the most recently specified value indefinitely. To avoid unexpected results it would be wise to change the value of mask back to "*" after using the mget or mput commands.
md directory name Same as the mkdir command.
mget mask Copy all files matching mask from the server to the machine running the client.

Note that mask is interpreted differently during recursive operation and non-recursive operation; refer to the recurse and mask commands for more information. Note that all transfers in smbclient are binary. See also the lowercase command.
mkdir directory name Create a new directory on the server (user access privileges permitting) with the specified name.
mput mask Copy all files matching mask in the current working directory on the local machine to the current working directory on the server.

Note that mask is interpreted differently during recursive operation and non-recursive operation; refer to the recurse and mask commands for more information. Note that all transfers in smbclient are binary.
print file name Print the specified file from the local machine through a printable service on the server.

See also the printmode command.
printmode [graphics|text] Set the print mode to suit either binary data (such as graphical information) or text. Subsequent print commands will use the currently set print mode.
prompt Toggle prompting for filenames during operation of the mget and mput commands.

When toggled ON, the user will be prompted to confirm the transfer of each file during these commands. When toggled OFF, all specified files will be transferred without prompting.
put local-file-name [remote-file-name] Copy the file called local-file-name from the machine running the client to the server. If specified, name the remote copy remote-file-name. Note that all transfers in smbclient are binary. See also the lowercase command.
queue Displays the print queue, showing the job id, name, size and current status.
quit Same as the exit command.
rd directory name Same as the rmdir command.
recurse Toggle directory recursion for the commands mget and mput.

When toggled ON, these commands will process all directories in the source directory (i.e., the directory they are copying from) and will recurse into any that match the mask specified to the command. Only files that match the mask specified using the mask command will be retrieved. See also the mask command. When recursion is toggled OFF, only files from the current working directory on the source machine that match the mask specified to the mget or mput commands will be copied, and any mask specified using the mask command will be ignored.
rm mask Remove all files matching mask from the current working directory on the server.
rmdir directory name Remove the specified directory (user access privileges permitting) from the server.
tar c|x[IXbgNa] Performs a tar operation; see the -T command line option above. Behavior may be affected by the tarmode command (see below). Using g (incremental) and N (newer) will affect tarmode settings. Note that using the "-" option with tar x may not work; use the command line option instead.
blocksize blocksize Blocksize. Must be followed by a valid (greater than zero) blocksize. Causes tar file to be written out in blocksize*TBLOCK (usually 512 byte) blocks.
tarmode full|inc|reset|noreset Changes tar's behavior with regard to archive bits. In full mode, tar will back up everything regardless of the archive bit setting (this is the default mode). In incremental mode, tar will only back up files with the archive bit set. In reset mode, tar will reset the archive bit on all files it backs up (implies read/write share).
setmode filename perm=[+|-]rsha A version of the MS-DOS "attrib" command to set file permissions. For example,

setmode myfile +r
would make myfile read-only.

Notes

Some servers are fussy about the case of supplied usernames, passwords, share names (aka service names) and machine names. If you fail to connect try giving all parameters in uppercase.

It is often necessary to use the -n option when connecting to some types of servers. For example OS/2 LANManager insists on a valid netbios name being used, so you need to supply a valid name that would be known to the server.

smbclient supports long file names where the server supports the LANMAN2 protocol.

Environment Variables

The variable USER may contain the username of the person using the client. This information is used only if the protocol level is high enough to support session-level passwords.

Examples

smbclient -L host

Lists available shares on host. Using this command would display information similar to the below output:

Domain=[WORKGROUP] OS=[Windows NT 3.51] Server=[NT LAN Manager 3.51]
Server=[HOPE] User=[] Workgroup=[WORKGROUP] Domain=[] 
Sharename type Comment 
--------- ---- ------- 
ADMIN$    Disk Remote Admin 
C$        Disk Default share 
IPC$      IPC  Remote IPC
smbclient '\\hope\ch' password

Connects to the ch share on the networked computer hope using the login password "password".

Related commands

findsmb — List information about machines networked with the Samba protocol.