diff options
Diffstat (limited to 'docs/htmldocs/winbindd.8.html')
| -rw-r--r-- | docs/htmldocs/winbindd.8.html | 50 |
1 files changed, 24 insertions, 26 deletions
diff --git a/docs/htmldocs/winbindd.8.html b/docs/htmldocs/winbindd.8.html index 10759df47e..fdcde9fba8 100644 --- a/docs/htmldocs/winbindd.8.html +++ b/docs/htmldocs/winbindd.8.html @@ -1,5 +1,5 @@ <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>winbindd</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.60.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="winbindd.8"></a><div class="titlepage"><div></div><div></div></div><div class="refnamediv"><h2>Name</h2><p>winbindd — Name Service Switch daemon for resolving names - from NT servers</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><tt class="command">winbindd</tt> [-F] [-S] [-i] [-Y] [-d <debug level>] [-s <smb config file>] [-n]</p></div></div><div xmlns:ns1="" class="refsect1" lang="en"><h2>DESCRIPTION</h2><p>This program is part of the <a href="Samba.7.html"><span class="citerefentry"><span class="refentrytitle">Samba</span>(7)</span></a> suite.</p><p><b class="command">winbindd</b> is a daemon that provides + from NT servers</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><tt class="command">winbindd</tt> [-F] [-S] [-i] [-Y] [-d <debug level>] [-s <smb config file>] [-n]</p></div></div><div class="refsect1" lang="en"><h2>DESCRIPTION</h2><p>This program is part of the <a href="Samba.7.html"><span class="citerefentry"><span class="refentrytitle">Samba</span>(7)</span></a> suite.</p><p><b class="command">winbindd</b> is a daemon that provides a service for the Name Service Switch capability that is present in most modern C libraries. The Name Service Switch allows user and system information to be obtained from different databases @@ -26,12 +26,12 @@ the <tt class="filename">passwd(5)</tt> file and used by <b class="command">getpwent(3)</b> functions. </p></dd><dt><span class="term">group</span></dt><dd><p>Group information traditionally stored in the <tt class="filename">group(5)</tt> file and used by - <b class="command">getgrent(3)</b> functions. </p></dd></dl></div><ns1:p>For example, the following simple configuration in the + <b class="command">getgrent(3)</b> functions. </p></dd></dl></div><p>For example, the following simple configuration in the <tt class="filename">/etc/nsswitch.conf</tt> file can be used to initially resolve user and group information from <tt class="filename">/etc/passwd </tt> and <tt class="filename">/etc/group</tt> and then from the Windows NT server. -</ns1:p><pre class="programlisting"> +</p><pre class="programlisting"> passwd: files winbind group: files winbind </pre><p>The following simple configuration in the @@ -55,8 +55,7 @@ configuration details required by the server. The information in this file includes server-specific information such as what printcap file to use, as well as descriptions of all the services that the server is -to provide. See <a href="smb.conf.5.html" target="_top"><tt class="filename"> -smb.conf(5)</tt></a> for more information. +to provide. See <tt class="filename">smb.conf</tt> for more information. The default configuration file name is determined at compile time.</p></dd><dt><span class="term">-d|--debug=debuglevel</span></dt><dd><p><i class="replaceable"><tt>debuglevel</tt></i> is an integer from 0 to 10. The default value if this parameter is @@ -70,9 +69,8 @@ amounts of log data, and should only be used when investigating a problem. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will -override the <a href="smb.conf.5.html#loglevel" target="_top">log -level</a> parameter in the <a href="smb.conf.5.html" target="_top"> -<tt class="filename">smb.conf(5)</tt></a> file.</p></dd><dt><span class="term">-l|--logfile=logbasename</span></dt><dd><p>File name for log/debug files. The extension +override the <a class="indexterm" name="id2796930"></a><i class="parameter"><tt>log level</tt></i> parameter +in the <tt class="filename">smb.conf</tt> file.</p></dd><dt><span class="term">-l|--logfile=logbasename</span></dt><dd><p>File name for log/debug files. The extension <tt class="constant">".client"</tt> will be appended. The log file is never removed by the client. </p></dd><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options. @@ -109,25 +107,25 @@ never removed by the client. determine which user and group ids correspond to Windows NT user and group rids. </p></div><div class="refsect1" lang="en"><h2>CONFIGURATION</h2><p>Configuration of the <b class="command">winbindd</b> daemon is done through configuration parameters in the <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> file. All parameters should be specified in the - [global] section of smb.conf. </p><div class="itemizedlist"><ul type="disc"><li><p><a href="smb.conf.5.html#WINBINDSEPARATOR" target="_top"> - <i class="parameter"><tt>winbind separator</tt></i></a></p></li><li><p><a href="smb.conf.5.html#WINBINDUID" target="_top"> - <i class="parameter"><tt>winbind uid</tt></i></a></p></li><li><p><a href="smb.conf.5.html#WINBINDGID" target="_top"> - <i class="parameter"><tt>winbind gid</tt></i></a></p></li><li><p><a href="smb.conf.5.html#WINBINDCACHETIME" target="_top"> - <i class="parameter"><tt>winbind cache time</tt></i></a></p></li><li><p><a href="smb.conf.5.html#WINBINDENUMUSERS" target="_top"> - <i class="parameter"><tt>winbind enum users</tt></i></a></p></li><li><p><a href="smb.conf.5.html#WINBINDENUMGROUPS" target="_top"> - <i class="parameter"><tt>winbind enum groups</tt></i></a></p></li><li><p><a href="smb.conf.5.html#TEMPLATEHOMEDIR" target="_top"> - <i class="parameter"><tt>template homedir</tt></i></a></p></li><li><p><a href="smb.conf.5.html#TEMPLATESHELL" target="_top"> - <i class="parameter"><tt>template shell</tt></i></a></p></li><li><p><a href="smb.conf.5.html#WINBINDUSEDEFAULTDOMAIN" target="_top"> - <i class="parameter"><tt>winbind use default domain</tt></i></a></p></li></ul></div></div><div xmlns:ns2="" class="refsect1" lang="en"><h2>EXAMPLE SETUP</h2><p>To setup winbindd for user and group lookups plus + [global] section of smb.conf. </p><div class="itemizedlist"><ul type="disc"><li><p> + <a class="indexterm" name="id2797162"></a><i class="parameter"><tt>winbind separator</tt></i></p></li><li><p> + <a class="indexterm" name="id2797180"></a><i class="parameter"><tt>idmap uid</tt></i></p></li><li><p> + <a class="indexterm" name="id2797198"></a><i class="parameter"><tt>idmap gid</tt></i></p></li><li><p> + <a class="indexterm" name="id2797216"></a><i class="parameter"><tt>winbind cache time</tt></i></p></li><li><p> + <a class="indexterm" name="id2797234"></a><i class="parameter"><tt>winbind enum users</tt></i></p></li><li><p> + <a class="indexterm" name="id2797252"></a><i class="parameter"><tt>winbind enum groups</tt></i></p></li><li><p> + <a class="indexterm" name="id2797270"></a><i class="parameter"><tt>template homedir</tt></i></p></li><li><p> + <a class="indexterm" name="id2797288"></a><i class="parameter"><tt>template shell</tt></i></p></li><li><p> + <a class="indexterm" name="id2797307"></a><i class="parameter"><tt>winbind use default domain</tt></i></p></li></ul></div></div><div class="refsect1" lang="en"><h2>EXAMPLE SETUP</h2><p>To setup winbindd for user and group lookups plus authentication from a domain controller use something like the - following setup. This was tested on a RedHat 6.2 Linux box. </p><ns2:p>In <tt class="filename">/etc/nsswitch.conf</tt> put the + following setup. This was tested on a RedHat 6.2 Linux box. </p><p>In <tt class="filename">/etc/nsswitch.conf</tt> put the following: -</ns2:p><pre class="programlisting"> +</p><pre class="programlisting"> passwd: files winbind group: files winbind -</pre><ns2:p>In <tt class="filename">/etc/pam.d/*</tt> replace the <i class="parameter"><tt> +</pre><p>In <tt class="filename">/etc/pam.d/*</tt> replace the <i class="parameter"><tt> auth</tt></i> lines with something like this: -</ns2:p><pre class="programlisting"> +</p><pre class="programlisting"> auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_winbind.so @@ -143,16 +141,16 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok made from <tt class="filename">/lib/libnss_winbind.so</tt> to <tt class="filename">/lib/libnss_winbind.so.2</tt>. If you are using an older version of glibc then the target of the link should be - <tt class="filename">/lib/libnss_winbind.so.1</tt>.</p><ns2:p>Finally, setup a <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> containing directives like the + <tt class="filename">/lib/libnss_winbind.so.1</tt>.</p><p>Finally, setup a <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> containing directives like the following: -</ns2:p><pre class="programlisting"> +</p><pre class="programlisting"> [global] winbind separator = + winbind cache time = 10 template shell = /bin/bash template homedir = /home/%D/%U - winbind uid = 10000-20000 - winbind gid = 10000-20000 + idmap uid = 10000-20000 + idmap gid = 10000-20000 workgroup = DOMAIN security = domain password server = * |