diff options
Diffstat (limited to 'docs/yodldocs')
-rw-r--r-- | docs/yodldocs/winbindd.8.yo | 217 |
1 files changed, 217 insertions, 0 deletions
diff --git a/docs/yodldocs/winbindd.8.yo b/docs/yodldocs/winbindd.8.yo new file mode 100644 index 0000000000..14010720a0 --- /dev/null +++ b/docs/yodldocs/winbindd.8.yo @@ -0,0 +1,217 @@ +mailto(samba-bugs@samba.org) +manpage(winbindd htmlcommand((1)))(1)(8 May 2000)(Samba)(SAMBA) + +label(NAME) +manpagename(winbindd)(Name Service Switch daemon for resolving names from NT servers) + +label(SYNOPSIS) +manpagesynopsis() + +bf(winbindd) [link(-d debuglevel)(minusd)] [link(-i)(minusi)] + +label(DESCRIPTION) +manpagedescription() + +This program is part of the bf(Samba) suite version 3.0 and describes +functionality not yet implemented in the main version of Samba. + +bf(winbindd) is a daemon that provides a service for the Name Service +Switch capability that is present in most modern C libraries. The Name +Service Switch allows user and system information to be obtained from +different databases services such as NIS or DNS. The exact behaviour can +be configured throught the tt(/etc/nsswitch.conf) file. Users and groups +are allocated as they are resolved to a range of user and group ids +specified by the administrator of the Samba system. + +The service provided by bf(winbindd) is called `ntdom' and can be used to +resolve user and group information from a Windows NT server. + +The following nsswitch databases are implemented by the bf(winbindd) +service: + +startdit() + +dit(passwd) + +User information traditionally stored in the bf(passwd(5)) file and used by +bf(getpwent(3)) functions. + +dit(group) + +Group information traditionally stored in the bf(group(5)) file and used by +bf(getgrent(3)) functions. + +enddit() + +For example, the following simple configuration in the +tt(/etc/nsswitch.conf) file can be used to initially resolve user and group +information from tt(/etc/passwd) and tt(/etc/group) and then from the +Windows NT server. + +passwd: files ntdom +group: files ntdom + +label(OPTIONS) +manpageoptions() + +The following options are available to the bf(winbindd) daemon: + +startdit() + +label(minusd) +dit(bf(-d debuglevel)) +Sets the debuglevel to an integer between 0 and 100. 0 is for no debugging +and 100 is for reams and reams. To submit a bug report to the Samba Team, +use debug level 100 (see bf(BUGS.txt)). + +label(minusi) +dit(bf(-i)) +Tells winbindd to not become a daemon and detach from the current terminal. +This option is used by developers when interactive debugging of winbindd is +required. + +enddit() + +label(NAMEANDIDRESOLUTION) +manpagesection(NAME AND ID RESOLUTION) + +Users and groups on a Windows NT server are assigned a relative id (rid) +which is unique for the domain when the user or group is created. To +convert the Windows NT user or group into a unix user or group, a mapping +between rids and unix user and group ids is required. This is one of the +jobs that bf(winbindd) performs. + +As bf(winbindd) users and groups are resolved from a server, user and group +ids are allocated from a specified range. This is done on a first come, +first served basis, although all existing users and groups will be mapped +as soon as a client performs a user or group enumeration command. The +allocated unix ids are stored in a database file under the Samba lock +directory and will be remembered. + +WARNING: The rid to unix id database is the only location where the user +and group mappings are stored by bf(winbindd). If this file is deleted or +corrupted, there is no way for bf(winbindd) to determine which user and +group ids correspond to Windows NT user and group rids. + +label(CONFIGURATION) +manpagesection(CONFIGURATION) + +Configuration of the bf(winbindd) daemon is done through configuration +parameters in the url(bf(smb.conf))(smb.conf.5.html) file. All parameters +should be specified in the [global] section of +url(bf(smb.conf))(smb.conf.5.html). + +startdit() + +dit(winbind uid) + +The winbind uid parameter specifies the range of user ids that are +allocated by the url(bf(winbindd))(winbindd.8.html) daemon. This range of +ids should have no existing local or nis users within it as strange +conflicts can occur otherwise. + + bf(Default:) +tt( winbind uid = <empty string>) + + bf(Example:) +tt( winbind uid = 10000-20000) + +dit(winbind gid) + +The winbind gid parameter specifies the range of group ids that are +allocated by the url(bf(winbindd))(winbindd.8.html) daemon. This range of +group ids should have no existing local or nis groups within it as strange +conflicts can occur otherwise. + + bf(Default:) +tt( winbind gid = <empty string>) + + bf(Example:) +tt( winbind gid = 10000-20000) + +dit(winbind cache time) + +This parameter specifies the number of seconds the +url(bf(winbindd))(winbindd.8.html) daemon will cache user and group +information before querying a Windows NT server again. + + bf(Default:) +tt( winbind cache type = 15) + +dit(template homedir) + +When filling out the user information for a Windows NT user, the +url(bf(winbindd))(winbindd.8.html) daemon uses this parameter to fill in +the home directory for that user. If the string tt(%D) is present it is +substituted with the user's Windows NT domain name. If the string tt(%U) +is present it is substituted with the user's Windows NT user name. + + bf(Default:) +tt( template homedir = /home/%D/%U) + +dit(template shell) + +When filling out the user information for a Windows NT user, the +url(bf(winbindd))(winbindd.8.html) daemon uses this parameter to fill in +the home directory for that user. If the string tt(%D) is present it is +substituted with the user's Windows NT domain name. If the string tt(%U) +is present it is substituted with the user's Windows NT user name. + + bf(Default:) +tt( template homedir = /home/%D/%U) + +enddit() + +label(FILES) +manpagefiles() + +The following files are relevant to the operation of the bf(winbindd) +daemon. + +startdit() + +dit(/etc/nsswitch.conf(5)) + +Name service switch configuration file. + +dit(/tmp/.winbindd/pipe) + +The UNIX pipe over which clients communicate with the bf(winbindd) program. +For security reasons, the ntdom client will only attempt to connect to the +bf(winbindd) daemon if both the tt(/tmp/.winbindd) directory and +tt(/tmp/.winbindd/pipe) file are owned by root. + +dit(/lib/libnss_ntdom.so.X) + +Implementation of name service switch library. + +dit($LOCKDIR/winbindd_idmap.tdb) + +Storage for the Windows NT rid to UNIX user/group id mapping. If this file +is damaged or destroyed then the mappings will be lost. + +The lock directory is specified when Samba is initially compiled using the +tt(--with-lockdir) option. This directory is by default +tt(/usr/local/samba/var/locks). + +dit($LOCKDIR/winbindd_cache.tdb) + +Storage for cached user and group information. + +enddit() + +label(SEEALSO) +manpageseealso() + +url(bf(samba(7)))(samba.7.html), url(bf(smb.conf(5)))(smb.conf.5.html), +bf(nsswitch.conf(5)) + +label(AUTHOR) +manpageauthor() + +The original Samba software and related utilities were created by +Andrew Tridgell email(samba-bugs@samba.org). Samba is now developed +by the Samba Team as an Open Source project similar to the way the +Linux kernel is developed. + +Winbindd was written by Tim Potter. |