Created manpage for wbinfo program.

Misc documentation updates for winbindd manpage.
(This used to be commit 1f225fddd93d8569d9836310e2f0a56be7f4250e)

1 files changed, 56 insertions, 32 deletions

diff --git a/docs/manpages/winbindd.8 b/docs/manpages/winbindd.8
index a54f01f781..5af9ca5f90 100644
--- a/docs/manpages/winbindd.8
+++ b/docs/manpages/winbindd.8
@@ -1,4 +1,4 @@
-.TH "winbindd " "1" "8 May 2000" "Samba" "SAMBA" 
+.TH "winbindd " "8" "13 Jun 2000" "Samba" "SAMBA" 
 .PP 
 .SH "NAME" 
 winbindd \- Name Service Switch daemon for resolving names from NT servers
@@ -114,6 +114,9 @@ separator) or a + character\&. The + character appears to be the best
 choice for 100% compatibility with existing unix utilities, but may be
 an aesthetically bad choice depending on your taste\&.
 .IP 
+\fBDefault:\fP
+\f(CW     winbind separator = \e\fP
+.IP 
 \fBExample:\fP
 \f(CW     winbind separator = +\fP
 .IP 
@@ -133,9 +136,9 @@ conflicts can occur otherwise\&.
 .IP "winbind gid" 
 .IP 
 The winbind gid parameter specifies the range of group ids that are
-allocated by the \fBwinbindd\fP daemon\&.  This range of
-group ids should have no existing local or nis groups within it as strange
-conflicts can occur otherwise\&.
+allocated by the \fBwinbindd\fP daemon\&.  This range of group ids should have
+no existing local or nis groups within it as strange conflicts can occur
+otherwise\&.
 .IP 
 \fBDefault:\fP
 \f(CW     winbind gid = <empty string>\fP
@@ -145,14 +148,13 @@ conflicts can occur otherwise\&.
 .IP 
 .IP "winbind cache time" 
 .IP 
-This parameter specifies the number of seconds the
-\fBwinbindd\fP daemon will cache user and group
-information before querying a Windows NT server again\&. When a item in
-the cache is older than this time winbindd will ask the domain
-controller for the sequence number of the servers account database\&. If
-the sequence number has not changed then the cached item is marked as
-valid for a further "winbind cache time" seconds\&.  Otherwise the item
-is fetched from the server\&. This means that as long as the account
+This parameter specifies the number of seconds the \fBwinbindd\fP daemon will
+cache user and group information before querying a Windows NT server
+again\&. When a item in the cache is older than this time winbindd will ask
+the domain controller for the sequence number of the servers account
+database\&. If the sequence number has not changed then the cached item is
+marked as valid for a further "winbind cache time" seconds\&.  Otherwise the
+item is fetched from the server\&. This means that as long as the account
 database is not actively changing winbindd will only have to send one
 sequence number query packet every "winbind cache time" seconds\&.
 .IP 
@@ -162,10 +164,10 @@ sequence number query packet every "winbind cache time" seconds\&.
 .IP "template homedir" 
 .IP 
 When filling out the user information for a Windows NT user, the
-\fBwinbindd\fP daemon uses this parameter to fill in
-the home directory for that user\&.  If the string \f(CW%D\fP is present it is
-substituted with the user\'s Windows NT domain name\&.  If the string \f(CW%U\fP
-is present it is substituted with the user\'s Windows NT user name\&.
+\fBwinbindd\fP daemon uses this parameter to fill in the home directory for
+that user\&.  If the string \f(CW%D\fP is present it is substituted with the
+user\'s Windows NT domain name\&.  If the string \f(CW%U\fP is present it is
+substituted with the user\'s Windows NT user name\&.
 .IP 
 \fBDefault:\fP
 \f(CW     template homedir = /home/%D/%U\fP
@@ -173,8 +175,7 @@ is present it is substituted with the user\'s Windows NT user name\&.
 .IP "template shell" 
 .IP 
 When filling out the user information for a Windows NT user, the
-\fBwinbindd\fP daemon uses this parameter to fill in
-the shell for that user\&.  
+\fBwinbindd\fP daemon uses this parameter to fill in the shell for that user\&.
 .IP 
 \fBDefault:\fP
 \f(CW     template shell = /bin/false\fP
@@ -282,27 +283,52 @@ syntax for the username\&. You may wish to use the commands "getent
 passwd" and "getent group" to confirm the correct operation of
 winbindd\&. 
 .PP 
-NOTE: \fBnmbd\fP must be running on the local machine for
+.SH "NOTES" 
+.PP 
+The following notes are useful when configuring and running \fBwinbindd\fP:
+.PP 
+.IP 
+.IP "" 
+\fBnmbd\fP must be running on the local machine for
 \fBwinbindd\fP to work\&.
+.IP 
+.IP "" 
+Client processes resolving names through the \fBwinbindd\fP nsswitch module
+read an environment variable named \f(CWWINBINDD_DOMAIN\fP\&.  If this variable
+contains a comma separated list of Windows NT domain names, then winbindd
+will only resolve users and groups within those Windows NT domains\&.
+.IP 
+.IP "" 
+PAM is really easy to misconfigure\&.  Make sure you know what you are doing
+when modifying PAM configuration files\&.  It is possible to set up PAM
+such that you can no longer log into your system\&.
+.IP 
+.IP "" 
+If more than one UNIX machine is running \fBwinbindd\fP, then in general the
+user and groups ids allocated by \fBwinbindd\fP will not be the same\&.  The
+user and group ids will only be valid for the local machine\&.  
+.IP 
+.IP "" 
+If the the Windows NT RID to UNIX user and group id mapping file
+is damaged or destroyed then the mappings will be lost\&.
+.IP 
 .PP 
 .SH "SIGNALS" 
 .PP 
-The following signals can be used to manipulate the
-\fBwinbindd\fP daemon\&.
+The following signals can be used to manipulate the \fBwinbindd\fP daemon\&.
 .PP 
 .IP 
 .IP "\f(CWSIGHUP\fP" 
 .IP 
 Reload the \f(CWsmb\&.conf\fP file and apply any parameter changes to the running
-version of \fBwinbindd\fP\&.  This signal also clears any
-cached user and group information\&.
+version of \fBwinbindd\fP\&.  This signal also clears any cached user and group
+information\&.
 .IP 
 .IP "\f(CWSIGUSR1\fP" 
 .IP 
-The \f(CWSIGUSR1\fP signal will cause \fBwinbindd\fP to
-write status information to the winbind log file including information
-about the number of user and group ids allocated by
-\fBwinbindd\fP\&.
+The \f(CWSIGUSR1\fP signal will cause \fBwinbindd\fP to write status information
+to the winbind log file including information about the number of user and
+group ids allocated by \fBwinbindd\fP\&.
 .IP 
 Log files are stored in the filename specified by the \fBlog file\fP parameter\&.
 .IP 
@@ -330,10 +356,8 @@ Implementation of name service switch library\&.
 .IP 
 .IP "$LOCKDIR/winbindd_idmap\&.tdb" 
 .IP 
-Storage for the Windows NT rid to UNIX user/group id mapping\&.  If this file
-is damaged or destroyed then the mappings will be lost\&.
-.IP 
-The lock directory is specified when Samba is initially compiled using the
+Storage for the Windows NT rid to UNIX user/group id mapping\&.  The lock
+directory is specified when Samba is initially compiled using the
 \f(CW--with-lockdir\fP option\&.  This directory is by default
 \f(CW/usr/local/samba/var/locks\fP\&.
 .IP 
@@ -353,4 +377,4 @@ The original Samba software and related utilities were created by
 Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open
 Source project\&.
 .PP 
-Winbindd was written by Tim Potter\&.
+\fBwinbindd\fP was written by Tim Potter\&.