diff options
Diffstat (limited to 'docs/docbook/manpages/winbindd.8.sgml')
| -rw-r--r-- | docs/docbook/manpages/winbindd.8.sgml | 53 |
1 files changed, 24 insertions, 29 deletions
diff --git a/docs/docbook/manpages/winbindd.8.sgml b/docs/docbook/manpages/winbindd.8.sgml index ed4e72604d..6a1ecd59fd 100644 --- a/docs/docbook/manpages/winbindd.8.sgml +++ b/docs/docbook/manpages/winbindd.8.sgml @@ -25,9 +25,8 @@ <refsect1> <title>DESCRIPTION</title> - <para>This tool is part of the <ulink url="samba.7.html"> - Samba</ulink> suite version 3.0 and describes functionality not - yet implemented in the main version of Samba.</para> + <para>This program is part of the <ulink url="samba.7.html"> + Samba</ulink> suite.</para> <para><command>winbindd</command> is a daemon that provides a service for the Name Service Switch capability that is present @@ -39,7 +38,7 @@ of user and group ids specified by the administrator of the Samba system.</para> - <para>The service provided by winbindd is called `winbind' and + <para>The service provided by <command>winbindd</command> is called `winbind' and can be used to resolve user and group information from a Windows NT server. The service can also provide authentication services via an associated PAM module. </para> @@ -144,7 +143,7 @@ group: files winbind DOMAIN\username. In some cases this separator character may cause problems as the '\' character has special meaning in unix shells. In that case you can use the winbind separator - option to specify an alternative sepataror character. Good + option to specify an alternative separator character. Good alternatives may be '/' (although that conflicts with the unix directory separator) or a '+ 'character. The '+' character appears to be the best choice for 100% @@ -161,7 +160,7 @@ group: files winbind <term>winbind uid</term> <listitem><para>The winbind uid parameter specifies the range of user ids that are allocated by the winbindd daemon. - This range of ids should have no existing local or nis users + This range of ids should have no existing local or NIS users within it as strange conflicts can occur otherwise. </para> <para>Default: <command>winbind uid = <empty string> @@ -175,7 +174,7 @@ group: files winbind <term>winbind gid</term> <listitem><para>The winbind gid parameter specifies the range of group ids that are allocated by the winbindd daemon. - This range of group ids should have no existing local or nis + This range of group ids should have no existing local or NIS groups within it as strange conflicts can occur otherwise.</para> <para>Default: <command>winbind gid = <empty string> @@ -191,7 +190,7 @@ group: files winbind seconds the winbindd daemon will cache user and group information before querying a Windows NT server again. When a item in the cache is older than this time winbindd will ask the domain - controller for the sequence number of the servers account database. + controller for the sequence number of the server's account database. If the sequence number has not changed then the cached item is marked as valid for a further <parameter>winbind cache time </parameter> seconds. Otherwise the item is fetched from the @@ -215,7 +214,7 @@ group: files winbind return any data. </para> <para><emphasis>Warning:</emphasis> Turning off user enumeration - may cause some programs to behave oddly. For example, the finger + may cause some programs to behave oddly. For example, the <command>finger</command> program relies on having access to the full user list when searching for matching usernames. </para> @@ -308,18 +307,15 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok </command></para> <para>The next step is to join the domain. To do that use the - <command>samedit</command> program like this: </para> + <command>smbpasswd</command> program like this: </para> - <para><command>samedit -S '*' -W DOMAIN -UAdministrator</command></para> + <para><command>smbpasswd -j DOMAIN -r PDC -U + Administrator</command></para> - <para>The username after the <parameter>-U</parameter> can be any Domain - user that has administrator priviliges on the machine. Next from - within <command>samedit</command>, run the command: </para> - - <para><command>createuser MACHINE$ -j DOMAIN -L</command></para> - - <para>This assumes your domain is called "DOMAIN" and your Samba - workstation is called "MACHINE". </para> + <para>The username after the <parameter>-U</parameter> can be any + Domain user that has administrator privileges on the machine. + Substitute your domain name for "DOMAIN" and the name of your PDC + for "PDC".</para> <para>Next copy <filename>libnss_winbind.so</filename> to <filename>/lib</filename> and <filename>pam_winbind.so</filename> @@ -329,7 +325,7 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok older version of glibc then the target of the link should be <filename>/lib/libnss_winbind.so.1</filename>.</para> - <para>Finally, setup a smb.conf containing directives like the + <para>Finally, setup a <filename>smb.conf</filename> containing directives like the following: </para> <para><programlisting> @@ -356,7 +352,7 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok <refsect1> - <title>Notes</title> + <title>NOTES</title> <para>The following notes are useful when configuring and running <command>winbindd</command>: </para> @@ -369,8 +365,8 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok servers, it must be sent a SIGHUP signal. </para> <para>Client processes resolving names through the <command>winbindd</command> - nsswitch module read an environment variable named <parameter> - $WINBINDD_DOMAIN</parameter>. If this variable contains a comma separated + nsswitch module read an environment variable named <envar> + $WINBINDD_DOMAIN</envar>. If this variable contains a comma separated list of Windows NT domain names, then winbindd will only resolve users and groups within those Windows NT domains. </para> @@ -389,7 +385,7 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok <refsect1> - <title>Signals</title> + <title>SIGNALS</title> <para>The following signals can be used to manipulate the <command>winbindd</command> daemon. </para> @@ -418,7 +414,7 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok </refsect1> <refsect1> - <title>Files</title> + <title>FILES</title> <variablelist> <varlistentry> @@ -447,7 +443,7 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok <term>$LOCKDIR/winbindd_idmap.tdb</term> <listitem><para>Storage for the Windows NT rid to UNIX user/group id mapping. The lock directory is specified when Samba is initially - compiled using the <filename>--with-lockdir</filename> option. + compiled using the <parameter>--with-lockdir</parameter> option. This directory is by default <filename>/usr/local/samba/var/locks </filename>. </para></listitem> </varlistentry> @@ -464,9 +460,8 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok <refsect1> <title>VERSION</title> - <para>This man page is correct for version 2.2 of - the Samba suite. winbindd is however not available in - stable release of Samba as of yet.</para> + <para>This man page is correct for version 2.2 of + the Samba suite.</para> </refsect1> <refsect1> |