<manvolnum>8</manvolnum>
<refmiscinfo class="source">Samba</refmiscinfo>
<refmiscinfo class="manual">System Administration tools</refmiscinfo>
- <refmiscinfo class="version">3.2</refmiscinfo>
+ <refmiscinfo class="version">3.6</refmiscinfo>
</refmeta>
<arg choice="opt">-F</arg>
<arg choice="opt">-S</arg>
<arg choice="opt">-i</arg>
- <arg choice="opt">-Y</arg>
<arg choice="opt">-d <debug level></arg>
<arg choice="opt">-s <smb config file></arg>
<arg choice="opt">-n</arg>
<para>Even if winbind is not used for nsswitch, it still provides a
service to <command>smbd</command>, <command>ntlm_auth</command>
and the <command>pam_winbind.so</command> PAM module, by managing connections to
- domain controllers. In this configuraiton the
- <smbconfoption name="idmap uid"/> and
- <smbconfoption name="idmap gid"/>
- parameters are not required. (This is known as `netlogon proxy only mode'.)</para>
+ domain controllers. In this configuration the
+ <smbconfoption name="idmap config * : range"/>
+ parameter is not required. (This is known as `netlogon proxy only mode'.)</para>
<para> The Name Service Switch allows user
and system information to be obtained from different databases
services such as NIS or DNS. The exact behaviour can be configured
- throught the <filename>/etc/nsswitch.conf</filename> file.
+ through the <filename>/etc/nsswitch.conf</filename> file.
Users and groups are allocated as they are resolved to a range
of user and group ids specified by the administrator of the
Samba system.</para>
the winbindd service: </para>
<variablelist>
- <varlistentry>
- <term>-D</term>
- <listitem><para>If specified, this parameter causes
- the server to operate as a daemon. That is, it detaches
- itself and runs in the background on the appropriate port.
- This switch is assumed if <command>winbindd</command> is
- executed on the command line of a shell.
- </para></listitem>
- </varlistentry>
-
<varlistentry>
<term>hosts</term>
<listitem><para>This feature is only available on IRIX.
resolve user and group information from <filename>/etc/passwd
</filename> and <filename>/etc/group</filename> and then from the
Windows NT server.
+ </para>
+
<programlisting>
passwd: files winbind
group: files winbind
-## only available on IRIX; Linux users should us libnss_wins.so
-hosts: files dns winbind
-</programlisting></para>
+## only available on IRIX: use winbind to resolve hosts:
+# hosts: files dns winbind
+## All other NSS enabled systems should use libnss_wins.so like this:
+hosts: files dns wins
+
+</programlisting>
<para>The following simple configuration in the
<filename>/etc/nsswitch.conf</filename> file can be used to initially
<title>OPTIONS</title>
<variablelist>
+ <varlistentry>
+ <term>-D</term>
+ <listitem><para>If specified, this parameter causes
+ the server to operate as a daemon. That is, it detaches
+ itself and runs in the background on the appropriate port.
+ This switch is assumed if <command>winbindd</command> is
+ executed on the command line of a shell.
+ </para></listitem>
+ </varlistentry>
+
<varlistentry>
<term>-F</term>
<listitem><para>If specified, this parameter causes
</para></listitem>
</varlistentry>
- <varlistentry>
- <term>-Y</term>
- <listitem><para>Single daemon mode. This means winbindd will run
- as a single process (the mode of operation in Samba 2.2). Winbindd's
- default behavior is to launch a child process that is responsible for
- updating expired cache entries.
- </para></listitem>
- </varlistentry>
-
</variablelist>
</refsect1>
determine which user and group ids correspond to Windows NT user
and group rids. </para>
- <para>See the <smbconfoption name="idmap domains"/> or the old <smbconfoption name="idmap backend"/> parameters in
- <filename>smb.conf</filename> for options for sharing this
- database, such as via LDAP.</para>
</refsect1>
<listitem><para>
<smbconfoption name="winbind separator"/></para></listitem>
<listitem><para>
- <smbconfoption name="idmap uid"/></para></listitem>
- <listitem><para>
- <smbconfoption name="idmap gid"/></para></listitem>
+ <smbconfoption name="idmap config * : range"/></para></listitem>
<listitem><para>
- <smbconfoption name="idmap backend"/></para></listitem>
+ <smbconfoption name="idmap config * : backend"/></para></listitem>
<listitem><para>
<smbconfoption name="winbind cache time"/></para></listitem>
<listitem><para>
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
- idmap uid = 10000-20000
- idmap gid = 10000-20000
+ idmap config * : range = 10000-20000
workgroup = DOMAIN
security = domain
password server = *
<para>If more than one UNIX machine is running <command>winbindd</command>,
then in general the user and groups ids allocated by winbindd will not
be the same. The user and group ids will only be valid for the local
- machine, unless a shared <smbconfoption name="idmap backend"/> is configured.</para>
+ machine, unless a shared <smbconfoption name="idmap config * : backend"/> is configured.</para>
<para>If the the Windows NT SID to UNIX user and group id mapping
file is damaged or destroyed then the mappings will be lost. </para>
<refsect1>
<title>VERSION</title>
- <para>This man page is correct for version 3.0 of
+ <para>This man page is correct for version 3 of
the Samba suite.</para>
</refsect1>