diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2003-04-03 17:44:51 +0000 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2003-04-03 17:44:51 +0000 |
| commit | c57096cb03951c9e849858d5b10f56ed462e936a (patch) | |
| tree | c0ea274b4430a7c1fb1e49bbdc8cc80a19985f68 /docs/manpages/winbindd.8 | |
| parent | c8b342144458e48ee4f94116778684af651c6122 (diff) | |
| download | samba-c57096cb03951c9e849858d5b10f56ed462e936a.tar.gz samba-c57096cb03951c9e849858d5b10f56ed462e936a.tar.bz2 samba-c57096cb03951c9e849858d5b10f56ed462e936a.zip | |
Update manpages for 3.0
(This used to be commit edd15d36f528b64f3ab961908bcd43111e08244b)
Diffstat (limited to 'docs/manpages/winbindd.8')
| -rw-r--r-- | docs/manpages/winbindd.8 | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/docs/manpages/winbindd.8 b/docs/manpages/winbindd.8 index 0a35a9264d..bccc5e04cd 100644 --- a/docs/manpages/winbindd.8 +++ b/docs/manpages/winbindd.8 @@ -3,7 +3,7 @@ .\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "WINBINDD" "8" "30 March 2003" "" "" +.TH "WINBINDD" "8" "03 april 2003" "" "" .SH NAME winbindd \- Name Service Switch daemon for resolving names from NT servers @@ -241,7 +241,7 @@ Now replace the account lines with this: \fR .PP The next step is to join the domain. To do that use the -\fBsmbpasswd\fR program like this: +\fBnet\fR program like this: .PP \fBnet join -S PDC -U Administrator\fR .PP @@ -290,11 +290,6 @@ the list of trusted domains for the Windows NT server on startup and when a SIGHUP is received. Thus, for a running \fB winbindd\fR to become aware of new trust relationships between servers, it must be sent a SIGHUP signal. .PP -Client processes resolving names through the \fBwinbindd\fR -nsswitch module read an environment variable named \fB $WINBINDD_DOMAIN\fR. If this variable contains a comma separated -list of Windows NT domain names, then winbindd will only resolve users -and groups within those Windows NT domains. -.PP PAM is really easy to misconfigure. Make sure you know what you are doing when modifying PAM configuration files. It is possible to set up PAM such that you can no longer log into your system. @@ -338,6 +333,19 @@ if both the \fI/tmp/.winbindd\fR directory and \fI/tmp/.winbindd/pipe\fR file are owned by root. .TP +\fB$LOCKDIR/winbindd_privilaged/pipe\fR +The UNIX pipe over which 'privilaged' clients +communicate with the \fBwinbindd\fR program. For security +reasons, access to some winbindd functions - like those needed by +the \fBntlm_auth\fR utility - is restricted. By default, +only users in the 'root' group will get this access, however the administrator +may change the group permissions on $LOCKDIR/winbindd_privilaged to allow +programs like 'squid' to use ntlm_auth. +Note that the winbind client will only attempt to connect to the winbindd daemon +if both the \fI$LOCKDIR/winbindd_privilaged\fR directory +and \fI$LOCKDIR/winbindd_privilaged/pipe\fR file are owned by +root. +.TP \fB/lib/libnss_winbind.so.X\fR Implementation of name service switch library. .TP |