Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
MDSEARCH(1)			 User Commands			   MDSEARCH(1)

NAME
       mdsearch	- Run Spotlight	searches against an SMB	server

SYNOPSIS

       mdfine {server} {sharename} {query} [-p,	--path=STRING] [-L, --live]
	[-?|--help] [--usage] [-d|--debuglevel=DEBUGLEVEL] [--debug-stdout]
	[--configfile=CONFIGFILE] [--option=name=value]
	[-l|--log-basename=LOGFILEBASE]	[--leak-report]	[--leak-report-full]
	[-R|--name-resolve=NAME-RESOLVE-ORDER]
	[-O|--socket-options=SOCKETOPTIONS] [-m|--max-protocol=MAXPROTOCOL]
	[-n|--netbiosname=NETBIOSNAME] [--netbios-scope=SCOPE]
	[-W|--workgroup=WORKGROUP] [--realm=REALM]
	[-U|--user=[DOMAIN/]USERNAME[%PASSWORD]] [-N|--no-pass]
	[--password=STRING] [--pw-nt-hash] [-A|--authentication-file=FILE]
	[-P|--machine-pass] [--simple-bind-dn=DN]
	[--use-kerberos=desired|required|off] [--use-krb5-ccache=CCACHE]
	[--use-winbind-ccache] [--client-protection=sign|encrypt|off]
	[-V|--version]

DESCRIPTION
       This tool is part of the	samba(1) suite.

       mdsearch	is a simple utility to run Spotlight searches against an SMB
       server that runs	the Spotlight mdssvc RPC service.

OPTIONS
       server
	   The SMB server name or IP address to	connect	to.

       sharename
	   The name of a share on the server.

       query
	   The query expression	syntax is a simplified form of filename
	   globbing familiar to	shell users. Queries have the following
	   format:

	   attribute=="value"

	   For queries against a Samba server with Spotlight enabled using the
	   Elasticsearch backend, the list of supported	metadata attributes is
	   given by the	JSON attribute mapping file, typically installed at
	   /usr/share/samba/mdssvc/elasticsearch_mappings.json

       -p PATH,	--path=PATH
	   Server side path to search, defaults	to "/"

       -L, --live
	   Query remains running.

       -?|--help
	   Print a summary of command line options.

       --usage
	   Display brief usage message.

       -d|--debuglevel=DEBUGLEVEL
	   level is an integer from 0 to 10. The default value if this
	   parameter is	not specified is 1 for client applications.

	   The higher this value, the more detail will be logged to the	log
	   files about the activities of the server. At	level 0, only critical
	   errors and serious warnings will be logged. Level 1 is a reasonable
	   level for day-to-day	running	- it generates a small amount of
	   information about operations	carried	out.

	   Levels above	1 will generate	considerable amounts of	log data, and
	   should only be used when investigating a problem. Levels above 3
	   are designed	for use	only by	developers and generate	HUGE amounts
	   of log data,	most of	which is extremely cryptic.

	   Note	that specifying	this parameter here will override the log
	   level parameter in the /usr/local/etc/smb4.conf file.

       --debug-stdout
	   This	will redirect debug output to STDOUT. By default all clients
	   are logging to STDERR.

       --configfile=<configuration file>
	   The file specified contains the configuration details required by
	   the client. The information in this file can	be general for client
	   and server or only provide client specific like options such	as
	   client smb encrypt. See /usr/local/etc/smb4.conf for	more
	   information.	The default configuration file name is determined at
	   compile time.

       --option=<name>=<value>
	   Set the smb.conf(5) option "<name>" to value	"<value>" from the
	   command line. This overrides	compiled-in defaults and options read
	   from	the configuration file.	If a name or a value includes a	space,
	   wrap	whole --option=name=value into quotes.

       -l|--log-basename=logdirectory
	   Base	directory name for log/debug files. The	extension ".progname"
	   will	be appended (e.g. log.smbclient, log.smbd, etc...). The	log
	   file	is never removed by the	client.

       --leak-report
	   Enable talloc leak reporting	on exit.

       --leak-report-full
	   Enable full talloc leak reporting on	exit.

       -V|--version
	   Prints the program version number.

       -U|--user=[DOMAIN\]USERNAME[%PASSWORD]
	   Sets	the SMB	username or username and password.

	   If %PASSWORD	is not specified, the user will	be prompted. The
	   client will first check the USER environment	variable (which	is
	   also	permitted to also contain the password separated by a %), then
	   the LOGNAME variable	(which is not permitted	to contain a password)
	   and if either exists, the value is used. If these environmental
	   variables are not found, the	username found in a Kerberos
	   Credentials cache may be used.

	   A third option is to	use a credentials file which contains the
	   plaintext of	the username and password. This	option is mainly
	   provided for	scripts	where the admin	does not wish to pass the
	   credentials on the command line or via environment variables. If
	   this	method is used,	make certain that the permissions on the file
	   restrict access from	unwanted users.	See the	-A for more details.

	   Be cautious about including passwords in scripts or passing
	   user-supplied values	onto the command line. For security it is
	   better to let the Samba client tool ask for the password if needed,
	   or obtain the password once with kinit.

	   While Samba will attempt to scrub the password from the process
	   title (as seen in ps), this is after	startup	and so is subject to a
	   race.

       -N|--no-pass
	   If specified, this parameter	suppresses the normal password prompt
	   from	the client to the user.	This is	useful when accessing a
	   service that	does not require a password.

	   Unless a password is	specified on the command line or this
	   parameter is	specified, the client will request a password.

	   If a	password is specified on the command line and this option is
	   also	defined	the password on	the command line will be silently
	   ignored and no password will	be used.

       --password
	   Specify the password	on the commandline.

	   Be cautious about including passwords in scripts or passing
	   user-supplied values	onto the command line. For security it is
	   better to let the Samba client tool ask for the password if needed,
	   or obtain the password once with kinit.

	   If --password is not	specified, the tool will check the PASSWD
	   environment variable, followed by PASSWD_FD which is	expected to
	   contain an open file	descriptor (FD)	number.

	   Finally it will check PASSWD_FILE (containing a file	path to	be
	   opened). The	file should only contain the password. Make certain
	   that	the permissions	on the file restrict access from unwanted
	   users!

	   While Samba will attempt to scrub the password from the process
	   title (as seen in ps), this is after	startup	and so is subject to a
	   race.

       --pw-nt-hash
	   The supplied	password is the	NT hash.

       -A|--authentication-file=filename
	   This	option allows you to specify a file from which to read the
	   username and	password used in the connection. The format of the
	   file	is:

				   username = <value>
				   password = <value>
				   domain   = <value>

	   Make	certain	that the permissions on	the file restrict access from
	   unwanted users!

       -P|--machine-pass
	   Use stored machine account password.

       --simple-bind-dn=DN
	   DN to use for a simple bind.

       --use-kerberos=desired|required|off
	   This	parameter determines whether Samba client tools	will try to
	   authenticate	using Kerberos.	For Kerberos authentication you	need
	   to use dns names instead of IP addresses when connecting to a
	   service.

	   Note	that specifying	this parameter here will override the client
	   use kerberos	parameter in the /usr/local/etc/smb4.conf file.

       --use-krb5-ccache=CCACHE
	   Specifies the credential cache location for Kerberos
	   authentication.

	   This	will set --use-kerberos=required too.

       --use-winbind-ccache
	   Try to use the credential cache by winbind.

       --client-protection=sign|encrypt|off
	   Sets	the connection protection the client tool should use.

	   Note	that specifying	this parameter here will override the client
	   protection parameter	in the /usr/local/etc/smb4.conf	file.

	   In case you need more fine grained control you can use:
	   --option=clientsmbencrypt=OPTION, --option=clientipcsigning=OPTION,
	   --option=clientsigning=OPTION.

EXAMPLES
       Search all indexed metadata attributes, exact match:

		 '*=="Samba"'

       Search all indexed metadata attributes, prefix match:

		 '*=="Samba*"'

       Search by filename:

		 'kMDItemFSName=="Samba*"'

       Search by date:

		 'kMDItemFSContentChangeDate<$time.iso(2018-10-01T10:00:00Z)'

       Search files's content:

		 'kMDItemTextContent=="Samba*"'

       Expressions:

		 kMDItemFSName=="Samba*"||kMDItemTextContent=="Tango*"'

SEE ALSO
       File Metadata Search Programming	Guide
       https://developer.apple.com/library/archive/documentation/Carbon/Conceptual/SpotlightQuery/Concepts/Introduction.html

VERSION
       This man	page is	part of	version	4.20.7 of the Samba suite.

AUTHOR
       The original Samba software and related utilities were created by
       Andrew Tridgell.	Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

       The mdsearch manpage was	written	by Ralph Boehme.

Samba 4.20.7			  04/14/2025			   MDSEARCH(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=mdsearch&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help