diff options
author | Tim Potter <tpot@samba.org> | 2000-05-12 04:03:35 +0000 |
---|---|---|
committer | Tim Potter <tpot@samba.org> | 2000-05-12 04:03:35 +0000 |
commit | f248d1653c4241705bddda57803a8e3373521ef0 (patch) | |
tree | 8ec1fa15cc78a676d56029c6edfee750f95b53df /docs/htmldocs | |
parent | 88b6a63ab2b3583a56400ca9bf8b694275284c9a (diff) | |
download | samba-f248d1653c4241705bddda57803a8e3373521ef0.tar.gz samba-f248d1653c4241705bddda57803a8e3373521ef0.tar.bz2 samba-f248d1653c4241705bddda57803a8e3373521ef0.zip |
HTML version of yodl doc.
(This used to be commit dce11c9cd1638f2bd4b762e309a2b2e630d8ba01)
Diffstat (limited to 'docs/htmldocs')
-rw-r--r-- | docs/htmldocs/winbindd.8.html | 178 |
1 files changed, 178 insertions, 0 deletions
diff --git a/docs/htmldocs/winbindd.8.html b/docs/htmldocs/winbindd.8.html new file mode 100644 index 0000000000..ad0edf32ac --- /dev/null +++ b/docs/htmldocs/winbindd.8.html @@ -0,0 +1,178 @@ + + + + + +<html><head><title>winbindd (1)</title> + +<link rev="made" href="mailto:samba-bugs@samba.org"> +</head> +<body> + +<hr> + +<h1>winbindd (1)</h1> +<h2>Samba</h2> +<h2>8 May 2000</h2> + + + +<p><a name="NAME"></a> +<h2>NAME</h2> + winbindd - Name Service Switch daemon for resolving names from NT servers +<p><a name="SYNOPSIS"></a> +<h2>SYNOPSIS</h2> + +<p><strong>winbindd</strong> [<a href="winbindd.8.html#minusd">-d debuglevel</a>] [<a href="winbindd.8.html#minusi">-i</a>] +<p><a name="DESCRIPTION"></a> +<h2>DESCRIPTION</h2> + +<p>This program is part of the <strong>Samba</strong> suite version 3.0 and describes +functionality not yet implemented in the main version of Samba. +<p><strong>winbindd</strong> is a daemon that provides a service for the Name Service +Switch capability that is present in most modern C libraries. The Name +Service Switch allows user and system information to be obtained from +different databases services such as NIS or DNS. The exact behaviour can +be configured throught the <code>/etc/nsswitch.conf</code> file. Users and groups +are allocated as they are resolved to a range of user and group ids +specified by the administrator of the Samba system. +<p>The service provided by <strong>winbindd</strong> is called `winbind' and can be used to +resolve user and group information from a Windows NT server. +<p>The following nsswitch databases are implemented by the <strong>winbindd</strong> +service: +<p><dl> +<p><p></p><dt><strong>passwd</strong><dd> +<p>User information traditionally stored in the <strong>passwd(5)</strong> file and used by +<strong>getpwent(3)</strong> functions. +<p><p></p><dt><strong>group</strong><dd> +<p>Group information traditionally stored in the <strong>group(5)</strong> file and used by +<strong>getgrent(3)</strong> functions. +<p></dl> +<p>For example, the following simple configuration in the +<code>/etc/nsswitch.conf</code> file can be used to initially resolve user and group +information from <code>/etc/passwd</code> and <code>/etc/group</code> and then from the +Windows NT server. +<p><code>passwd: files winbind</code> +<p><code>group: files winbind</code> +<p><a name="OPTIONS"></a> +<h2>OPTIONS</h2> + +<p>The following options are available to the <strong>winbindd</strong> daemon: +<p><dl> +<p><a name="minusd"></a> +<p></p><dt><strong><strong>-d debuglevel</strong></strong><dd> +Sets the debuglevel to an integer between 0 and 100. 0 is for no debugging +and 100 is for reams and reams. To submit a bug report to the Samba Team, +use debug level 100 (see <strong>BUGS.txt</strong>). +<p><a name="minusi"></a> +<p></p><dt><strong><strong>-i</strong></strong><dd> +Tells winbindd to not become a daemon and detach from the current terminal. +This option is used by developers when interactive debugging of winbindd is +required. +<p></dl> +<p><a name="NAMEANDIDRESOLUTION"></a> +<h2>NAME AND ID RESOLUTION</h2> + +<p>Users and groups on a Windows NT server are assigned a relative id (rid) +which is unique for the domain when the user or group is created. To +convert the Windows NT user or group into a unix user or group, a mapping +between rids and unix user and group ids is required. This is one of the +jobs that <strong>winbindd</strong> performs. +<p>As <strong>winbindd</strong> users and groups are resolved from a server, user and group +ids are allocated from a specified range. This is done on a first come, +first served basis, although all existing users and groups will be mapped +as soon as a client performs a user or group enumeration command. The +allocated unix ids are stored in a database file under the Samba lock +directory and will be remembered. +<p>WARNING: The rid to unix id database is the only location where the user +and group mappings are stored by <strong>winbindd</strong>. If this file is deleted or +corrupted, there is no way for <strong>winbindd</strong> to determine which user and +group ids correspond to Windows NT user and group rids. +<p><a name="CONFIGURATION"></a> +<h2>CONFIGURATION</h2> + +<p>Configuration of the <strong>winbindd</strong> daemon is done through configuration +parameters in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file. All parameters +should be specified in the [global] section of +<a href="smb.conf.5.html"><strong>smb.conf</strong></a>. +<p><dl> +<p><p></p><dt><strong>winbind uid</strong><dd> +<p>The winbind uid parameter specifies the range of user ids that are +allocated by the <a href="winbindd.8.html"><strong>winbindd</strong></a> daemon. This range of +ids should have no existing local or nis users within it as strange +conflicts can occur otherwise. +<p><strong>Default:</strong> +<code> winbind uid = <empty string></code> +<p><strong>Example:</strong> +<code> winbind uid = 10000-20000</code> +<p><p></p><dt><strong>winbind gid</strong><dd> +<p>The winbind gid parameter specifies the range of group ids that are +allocated by the <a href="winbindd.8.html"><strong>winbindd</strong></a> daemon. This range of +group ids should have no existing local or nis groups within it as strange +conflicts can occur otherwise. +<p><strong>Default:</strong> +<code> winbind gid = <empty string></code> +<p><strong>Example:</strong> +<code> winbind gid = 10000-20000</code> +<p><p></p><dt><strong>winbind cache time</strong><dd> +<p>This parameter specifies the number of seconds the +<a href="winbindd.8.html"><strong>winbindd</strong></a> daemon will cache user and group +information before querying a Windows NT server again. +<p><strong>Default:</strong> +<code> winbind cache type = 15</code> +<p><p></p><dt><strong>template homedir</strong><dd> +<p>When filling out the user information for a Windows NT user, the +<a href="winbindd.8.html"><strong>winbindd</strong></a> daemon uses this parameter to fill in +the home directory for that user. If the string <code>%D</code> is present it is +substituted with the user's Windows NT domain name. If the string <code>%U</code> +is present it is substituted with the user's Windows NT user name. +<p><strong>Default:</strong> +<code> template homedir = /home/%D/%U</code> +<p><p></p><dt><strong>template shell</strong><dd> +<p>When filling out the user information for a Windows NT user, the +<a href="winbindd.8.html"><strong>winbindd</strong></a> daemon uses this parameter to fill in +the home directory for that user. If the string <code>%D</code> is present it is +substituted with the user's Windows NT domain name. If the string <code>%U</code> +is present it is substituted with the user's Windows NT user name. +<p><strong>Default:</strong> +<code> template homedir = /home/%D/%U</code> +<p></dl> +<p><a name="FILES"></a> +<h2>FILES</h2> + +<p>The following files are relevant to the operation of the <strong>winbindd</strong> +daemon. +<p><dl> +<p><p></p><dt><strong>/etc/nsswitch.conf(5)</strong><dd> +<p>Name service switch configuration file. +<p><p></p><dt><strong>/tmp/.winbindd/pipe</strong><dd> +<p>The UNIX pipe over which clients communicate with the <strong>winbindd</strong> program. +For security reasons, the winbind client will only attempt to connect to the +<strong>winbindd</strong> daemon if both the <code>/tmp/.winbindd</code> directory and +<code>/tmp/.winbindd/pipe</code> file are owned by root. +<p><p></p><dt><strong>/lib/libnss_winbind.so.X</strong><dd> +<p>Implementation of name service switch library. +<p><p></p><dt><strong>$LOCKDIR/winbindd_idmap.tdb</strong><dd> +<p>Storage for the Windows NT rid to UNIX user/group id mapping. If this file +is damaged or destroyed then the mappings will be lost. +<p>The lock directory is specified when Samba is initially compiled using the +<code>--with-lockdir</code> option. This directory is by default +<code>/usr/local/samba/var/locks</code>. +<p><p></p><dt><strong>$LOCKDIR/winbindd_cache.tdb</strong><dd> +<p>Storage for cached user and group information. +<p></dl> +<p><a name="SEEALSO"></a> +<h2>SEE ALSO</h2> + +<p><a href="samba.7.html"><strong>samba(7)</strong></a>, <a href="smb.conf.5.html"><strong>smb.conf(5)</strong></a>, +<strong>nsswitch.conf(5)</strong> +<p><a name="AUTHOR"></a> +<h2>AUTHOR</h2> + +<p>The original Samba software and related utilities were created by +Andrew Tridgell <a href="mailto:samba-bugs@samba.org"><em>samba-bugs@samba.org</em></a>. Samba is now developed +by the Samba Team as an Open Source project similar to the way the +Linux kernel is developed. +<p>Winbindd was written by Tim Potter. +</body> +</html> |