summaryrefslogtreecommitdiff
path: root/docs/htmldocs/winbindd.8.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/winbindd.8.html')
-rw-r--r--docs/htmldocs/winbindd.8.html322
1 files changed, 189 insertions, 133 deletions
diff --git a/docs/htmldocs/winbindd.8.html b/docs/htmldocs/winbindd.8.html
index b114c40647..fb8c9c0458 100644
--- a/docs/htmldocs/winbindd.8.html
+++ b/docs/htmldocs/winbindd.8.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>winbindd</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="WINBINDD.8"
-></A
->winbindd</H1
+NAME="WINBINDD">winbindd</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -30,15 +29,13 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>winbindd</B
-> [-F] [-S] [-i] [-B] [-d &#60;debug level&#62;] [-s &#60;smb config file&#62;] [-n]</P
+> [-F] [-S] [-i] [-B] [-d &#60;debug level&#62;] [-s &#60;smb config file&#62;] [-n]</P
></DIV
><DIV
CLASS="REFSECT1"
@@ -48,12 +45,10 @@ NAME="AEN18"
><H2
>DESCRIPTION</H2
><P
->This program is part of the <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->Samba</SPAN
->(7)</SPAN
+>This program is part of the <A
+HREF="samba.7.html"
+TARGET="_top"
+> Samba</A
> suite.</P
><P
><B
@@ -84,12 +79,16 @@ CLASS="COMMAND"
CLASS="FILENAME"
>pam_winbind</TT
> module in the 2.2.2 release only
- supports the <VAR
+ supports the <TT
CLASS="PARAMETER"
->auth</VAR
-> and <VAR
+><I
+>auth</I
+></TT
+> and <TT
CLASS="PARAMETER"
->account</VAR
+><I
+>account</I
+></TT
>
module-types. The latter simply
performs a getpwnam() to verify that the system can obtain a uid for the
@@ -167,11 +166,22 @@ CLASS="FILENAME"
CLASS="FILENAME"
>/etc/group</TT
> and then from the
- Windows NT server.
-<PRE
+ Windows NT server. </P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
>passwd: files winbind
-group: files winbind</PRE
+group: files winbind
+ </PRE
+></TD
+></TR
+></TABLE
></P
><P
>The following simple configuration in the
@@ -188,7 +198,7 @@ CLASS="FILENAME"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN62"
+NAME="AEN61"
></A
><H2
>OPTIONS</H2
@@ -300,12 +310,9 @@ CLASS="COMMAND"
><DD
><P
>Specifies the location of the all-important
- <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->smb.conf</SPAN
->(5)</SPAN
+ <TT
+CLASS="FILENAME"
+>smb.conf</TT
> file. </P
></DD
></DL
@@ -314,7 +321,7 @@ CLASS="REFENTRYTITLE"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN106"
+NAME="AEN103"
></A
><H2
>NAME AND ID RESOLUTION</H2
@@ -345,7 +352,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN112"
+NAME="AEN109"
></A
><H2
>CONFIGURATION</H2
@@ -354,12 +361,10 @@ NAME="AEN112"
CLASS="COMMAND"
>winbindd</B
> daemon
- is done through configuration parameters in the <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->smb.conf</SPAN
->(5)</SPAN
+ is done through configuration parameters in the <TT
+CLASS="FILENAME"
+>smb.conf(5)
+ </TT
> file. All parameters should be specified in the
[global] section of smb.conf. </P
><P
@@ -370,9 +375,11 @@ CLASS="REFENTRYTITLE"
><A
HREF="smb.conf.5.html#WINBINDSEPARATOR"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind separator</VAR
+><I
+>winbind separator</I
+></TT
></A
></P
></LI
@@ -381,9 +388,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#WINBINDUID"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind uid</VAR
+><I
+>winbind uid</I
+></TT
></A
></P
></LI
@@ -392,9 +401,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#WINBINDGID"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind gid</VAR
+><I
+>winbind gid</I
+></TT
></A
></P
></LI
@@ -403,9 +414,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#WINBINDCACHETIME"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind cache time</VAR
+><I
+>winbind cache time</I
+></TT
></A
></P
></LI
@@ -414,9 +427,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#WINBINDENUMUSERS"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind enum users</VAR
+><I
+>winbind enum users</I
+></TT
></A
></P
></LI
@@ -425,9 +440,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#WINBINDENUMGROUPS"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind enum groups</VAR
+><I
+>winbind enum groups</I
+></TT
></A
></P
></LI
@@ -436,9 +453,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#TEMPLATEHOMEDIR"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->template homedir</VAR
+><I
+>template homedir</I
+></TT
></A
></P
></LI
@@ -447,9 +466,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#TEMPLATESHELL"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->template shell</VAR
+><I
+>template shell</I
+></TT
></A
></P
></LI
@@ -458,9 +479,11 @@ CLASS="PARAMETER"
><A
HREF="smb.conf.5.html#WINBINDUSEDEFAULTDOMAIN"
TARGET="_top"
-> <VAR
+> <TT
CLASS="PARAMETER"
->winbind use default domain</VAR
+><I
+>winbind use default domain</I
+></TT
></A
></P
></LI
@@ -469,7 +492,7 @@ CLASS="PARAMETER"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN156"
+NAME="AEN151"
></A
><H2
>EXAMPLE SETUP</H2
@@ -482,35 +505,64 @@ NAME="AEN156"
CLASS="FILENAME"
>/etc/nsswitch.conf</TT
> put the
- following:
-<PRE
+ following:</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
>passwd: files winbind
-group: files winbind</PRE
+group: files winbind
+ </PRE
+></TD
+></TR
+></TABLE
></P
><P
>In <TT
CLASS="FILENAME"
>/etc/pam.d/*</TT
-> replace the <VAR
+> replace the
+ <TT
CLASS="PARAMETER"
-> auth</VAR
-> lines with something like this:
-<PRE
+><I
+>auth</I
+></TT
+> lines with something like this: </P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
>auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so
-auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok</PRE
+auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok
+ </PRE
+></TD
+></TR
+></TABLE
></P
><P
->Note in particular the use of the <VAR
+>Note in particular the use of the <TT
CLASS="PARAMETER"
->sufficient
- </VAR
-> keyword and the <VAR
+><I
+>sufficient</I
+></TT
+>
+ keyword and the <TT
CLASS="PARAMETER"
->use_first_pass</VAR
+><I
+>use_first_pass</I
+></TT
> keyword. </P
><P
>Now replace the account lines with this: </P
@@ -529,15 +581,19 @@ CLASS="COMMAND"
><P
><B
CLASS="COMMAND"
->net join -S PDC -U Administrator</B
+>smbpasswd -j DOMAIN -r PDC -U
+ Administrator</B
></P
><P
->The username after the <VAR
+>The username after the <TT
CLASS="PARAMETER"
->-U</VAR
+><I
+>-U</I
+></TT
> can be any
Domain user that has administrator privileges on the machine.
- Substitute the name or IP of your PDC for "PDC".</P
+ Substitute your domain name for "DOMAIN" and the name of your PDC
+ for "PDC".</P
><P
>Next copy <TT
CLASS="FILENAME"
@@ -548,9 +604,9 @@ CLASS="FILENAME"
>/lib</TT
> and <TT
CLASS="FILENAME"
->pam_winbind.so
- </TT
-> to <TT
+>pam_winbind.so</TT
+>
+ to <TT
CLASS="FILENAME"
>/lib/security</TT
>. A symbolic link needs to be
@@ -568,15 +624,19 @@ CLASS="FILENAME"
>/lib/libnss_winbind.so.1</TT
>.</P
><P
->Finally, setup a <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->smb.conf</SPAN
->(5)</SPAN
+>Finally, setup a <TT
+CLASS="FILENAME"
+>smb.conf</TT
> containing directives like the
- following:
-<PRE
+ following: </P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
>[global]
winbind separator = +
@@ -587,7 +647,11 @@ CLASS="PROGRAMLISTING"
winbind gid = 10000-20000
workgroup = DOMAIN
security = domain
- password server = *</PRE
+ password server = *
+ </PRE
+></TD
+></TR
+></TABLE
></P
><P
>Now start winbindd and you should find that your user and
@@ -606,7 +670,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN194"
+NAME="AEN190"
></A
><H2
>NOTES</H2
@@ -617,12 +681,9 @@ CLASS="COMMAND"
>winbindd</B
>: </P
><P
-><SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->nmbd</SPAN
->(8)</SPAN
+><B
+CLASS="COMMAND"
+>nmbd</B
> must be running on the local machine
for <B
CLASS="COMMAND"
@@ -630,8 +691,8 @@ CLASS="COMMAND"
> to work. <B
CLASS="COMMAND"
>winbindd</B
-> queries
- the list of trusted domains for the Windows NT server
+>
+ queries the list of trusted domains for the Windows NT server
on startup and when a SIGHUP is received. Thus, for a running <B
CLASS="COMMAND"
> winbindd</B
@@ -642,9 +703,9 @@ CLASS="COMMAND"
CLASS="COMMAND"
>winbindd</B
>
- nsswitch module read an environment variable named <VAR
+ nsswitch module read an environment variable named <TT
CLASS="ENVAR"
-> $WINBINDD_DOMAIN</VAR
+> $WINBINDD_DOMAIN</TT
>. If this variable contains a comma separated
list of Windows NT domain names, then winbindd will only resolve users
and groups within those Windows NT domains. </P
@@ -667,7 +728,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN212"
+NAME="AEN206"
></A
><H2
>SIGNALS</H2
@@ -686,14 +747,11 @@ CLASS="VARIABLELIST"
>SIGHUP</DT
><DD
><P
->Reload the <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->smb.conf</SPAN
->(5)</SPAN
-> file and
- apply any parameter changes to the running
+>Reload the <TT
+CLASS="FILENAME"
+>smb.conf(5)</TT
+>
+ file and apply any parameter changes to the running
version of winbindd. This signal also clears any cached
user and group information. The list of other domains trusted
by winbindd is also reloaded. </P
@@ -721,7 +779,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN231"
+NAME="AEN223"
></A
><H2
>FILES</H2
@@ -772,9 +830,11 @@ CLASS="FILENAME"
><P
>Storage for the Windows NT rid to UNIX user/group
id mapping. The lock directory is specified when Samba is initially
- compiled using the <VAR
+ compiled using the <TT
CLASS="PARAMETER"
->--with-lockdir</VAR
+><I
+>--with-lockdir</I
+></TT
> option.
This directory is by default <TT
CLASS="FILENAME"
@@ -795,7 +855,7 @@ CLASS="FILENAME"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN260"
+NAME="AEN252"
></A
><H2
>VERSION</H2
@@ -806,7 +866,7 @@ NAME="AEN260"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN263"
+NAME="AEN255"
></A
><H2
>SEE ALSO</H2
@@ -814,30 +874,27 @@ NAME="AEN263"
><TT
CLASS="FILENAME"
>nsswitch.conf(5)</TT
->, <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->Samba</SPAN
->(7)</SPAN
->, <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->wbinfo</SPAN
->(8)</SPAN
->, <SPAN
-CLASS="CITEREFENTRY"
-><SPAN
-CLASS="REFENTRYTITLE"
->smb.conf</SPAN
->(5)</SPAN
+>,
+ <A
+HREF="samba.7.html"
+TARGET="_top"
+>samba(7)</A
+>,
+ <A
+HREF="wbinfo.1.html"
+TARGET="_top"
+>wbinfo(1)</A
+>,
+ <A
+HREF="smb.conf.5.html"
+TARGET="_top"
+>smb.conf(5)</A
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN276"
+NAME="AEN262"
></A
><H2
>AUTHOR</H2
@@ -853,12 +910,11 @@ CLASS="COMMAND"
> and <B
CLASS="COMMAND"
>winbindd</B
-> were
- written by Tim Potter.</P
+>
+ were written by Tim Potter.</P
><P
>The conversion to DocBook for Samba 2.2 was done
- by Gerald Carter. The conversion to DocBook XML 4.2 for
- Samba 3.0 was done by Alexander Bokovoy.</P
+ by Gerald Carter</P
></DIV
></BODY
></HTML