--- /dev/null
+
+
+
+
+
+<html><head><title>winbindd (1)</title>
+
+<link rev="made" href="mailto:samba-bugs@samba.org">
+</head>
+<body>
+
+<hr>
+
+<h1>winbindd (1)</h1>
+<h2>Samba</h2>
+<h2>8 May 2000</h2>
+
+
+
+<p><a name="NAME"></a>
+<h2>NAME</h2>
+ winbindd - Name Service Switch daemon for resolving names from NT servers
+<p><a name="SYNOPSIS"></a>
+<h2>SYNOPSIS</h2>
+
+<p><strong>winbindd</strong> [<a href="winbindd.8.html#minusd">-d debuglevel</a>] [<a href="winbindd.8.html#minusi">-i</a>]
+<p><a name="DESCRIPTION"></a>
+<h2>DESCRIPTION</h2>
+
+<p>This program is part of the <strong>Samba</strong> suite version 3.0 and describes
+functionality not yet implemented in the main version of Samba.
+<p><strong>winbindd</strong> is a daemon that provides a service for the Name Service
+Switch capability that is present in most modern C libraries. The Name
+Service Switch allows user and system information to be obtained from
+different databases services such as NIS or DNS. The exact behaviour can
+be configured throught the <code>/etc/nsswitch.conf</code> file. Users and groups
+are allocated as they are resolved to a range of user and group ids
+specified by the administrator of the Samba system.
+<p>The service provided by <strong>winbindd</strong> is called `winbind' and can be used to
+resolve user and group information from a Windows NT server.
+<p>The following nsswitch databases are implemented by the <strong>winbindd</strong>
+service:
+<p><dl>
+<p><p></p><dt><strong>passwd</strong><dd>
+<p>User information traditionally stored in the <strong>passwd(5)</strong> file and used by
+<strong>getpwent(3)</strong> functions.
+<p><p></p><dt><strong>group</strong><dd>
+<p>Group information traditionally stored in the <strong>group(5)</strong> file and used by
+<strong>getgrent(3)</strong> functions.
+<p></dl>
+<p>For example, the following simple configuration in the
+<code>/etc/nsswitch.conf</code> file can be used to initially resolve user and group
+information from <code>/etc/passwd</code> and <code>/etc/group</code> and then from the
+Windows NT server.
+<p><code>passwd: files winbind</code>
+<p><code>group: files winbind</code>
+<p><a name="OPTIONS"></a>
+<h2>OPTIONS</h2>
+
+<p>The following options are available to the <strong>winbindd</strong> daemon:
+<p><dl>
+<p><a name="minusd"></a>
+<p></p><dt><strong><strong>-d debuglevel</strong></strong><dd>
+Sets the debuglevel to an integer between 0 and 100. 0 is for no debugging
+and 100 is for reams and reams. To submit a bug report to the Samba Team,
+use debug level 100 (see <strong>BUGS.txt</strong>).
+<p><a name="minusi"></a>
+<p></p><dt><strong><strong>-i</strong></strong><dd>
+Tells winbindd to not become a daemon and detach from the current terminal.
+This option is used by developers when interactive debugging of winbindd is
+required.
+<p></dl>
+<p><a name="NAMEANDIDRESOLUTION"></a>
+<h2>NAME AND ID RESOLUTION</h2>
+
+<p>Users and groups on a Windows NT server are assigned a relative id (rid)
+which is unique for the domain when the user or group is created. To
+convert the Windows NT user or group into a unix user or group, a mapping
+between rids and unix user and group ids is required. This is one of the
+jobs that <strong>winbindd</strong> performs.
+<p>As <strong>winbindd</strong> users and groups are resolved from a server, user and group
+ids are allocated from a specified range. This is done on a first come,
+first served basis, although all existing users and groups will be mapped
+as soon as a client performs a user or group enumeration command. The
+allocated unix ids are stored in a database file under the Samba lock
+directory and will be remembered.
+<p>WARNING: The rid to unix id database is the only location where the user
+and group mappings are stored by <strong>winbindd</strong>. If this file is deleted or
+corrupted, there is no way for <strong>winbindd</strong> to determine which user and
+group ids correspond to Windows NT user and group rids.
+<p><a name="CONFIGURATION"></a>
+<h2>CONFIGURATION</h2>
+
+<p>Configuration of the <strong>winbindd</strong> daemon is done through configuration
+parameters in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file. All parameters
+should be specified in the [global] section of
+<a href="smb.conf.5.html"><strong>smb.conf</strong></a>.
+<p><dl>
+<p><p></p><dt><strong>winbind uid</strong><dd>
+<p>The winbind uid parameter specifies the range of user ids that are
+allocated by the <a href="winbindd.8.html"><strong>winbindd</strong></a> daemon. This range of
+ids should have no existing local or nis users within it as strange
+conflicts can occur otherwise.
+<p><strong>Default:</strong>
+<code> winbind uid = <empty string></code>
+<p><strong>Example:</strong>
+<code> winbind uid = 10000-20000</code>
+<p><p></p><dt><strong>winbind gid</strong><dd>
+<p>The winbind gid parameter specifies the range of group ids that are
+allocated by the <a href="winbindd.8.html"><strong>winbindd</strong></a> daemon. This range of
+group ids should have no existing local or nis groups within it as strange
+conflicts can occur otherwise.
+<p><strong>Default:</strong>
+<code> winbind gid = <empty string></code>
+<p><strong>Example:</strong>
+<code> winbind gid = 10000-20000</code>
+<p><p></p><dt><strong>winbind cache time</strong><dd>
+<p>This parameter specifies the number of seconds the
+<a href="winbindd.8.html"><strong>winbindd</strong></a> daemon will cache user and group
+information before querying a Windows NT server again.
+<p><strong>Default:</strong>
+<code> winbind cache type = 15</code>
+<p><p></p><dt><strong>template homedir</strong><dd>
+<p>When filling out the user information for a Windows NT user, the
+<a href="winbindd.8.html"><strong>winbindd</strong></a> daemon uses this parameter to fill in
+the home directory for that user. If the string <code>%D</code> is present it is
+substituted with the user's Windows NT domain name. If the string <code>%U</code>
+is present it is substituted with the user's Windows NT user name.
+<p><strong>Default:</strong>
+<code> template homedir = /home/%D/%U</code>
+<p><p></p><dt><strong>template shell</strong><dd>
+<p>When filling out the user information for a Windows NT user, the
+<a href="winbindd.8.html"><strong>winbindd</strong></a> daemon uses this parameter to fill in
+the home directory for that user. If the string <code>%D</code> is present it is
+substituted with the user's Windows NT domain name. If the string <code>%U</code>
+is present it is substituted with the user's Windows NT user name.
+<p><strong>Default:</strong>
+<code> template homedir = /home/%D/%U</code>
+<p></dl>
+<p><a name="FILES"></a>
+<h2>FILES</h2>
+
+<p>The following files are relevant to the operation of the <strong>winbindd</strong>
+daemon.
+<p><dl>
+<p><p></p><dt><strong>/etc/nsswitch.conf(5)</strong><dd>
+<p>Name service switch configuration file.
+<p><p></p><dt><strong>/tmp/.winbindd/pipe</strong><dd>
+<p>The UNIX pipe over which clients communicate with the <strong>winbindd</strong> program.
+For security reasons, the winbind client will only attempt to connect to the
+<strong>winbindd</strong> daemon if both the <code>/tmp/.winbindd</code> directory and
+<code>/tmp/.winbindd/pipe</code> file are owned by root.
+<p><p></p><dt><strong>/lib/libnss_winbind.so.X</strong><dd>
+<p>Implementation of name service switch library.
+<p><p></p><dt><strong>$LOCKDIR/winbindd_idmap.tdb</strong><dd>
+<p>Storage for the Windows NT rid to UNIX user/group id mapping. If this file
+is damaged or destroyed then the mappings will be lost.
+<p>The lock directory is specified when Samba is initially compiled using the
+<code>--with-lockdir</code> option. This directory is by default
+<code>/usr/local/samba/var/locks</code>.
+<p><p></p><dt><strong>$LOCKDIR/winbindd_cache.tdb</strong><dd>
+<p>Storage for cached user and group information.
+<p></dl>
+<p><a name="SEEALSO"></a>
+<h2>SEE ALSO</h2>
+
+<p><a href="samba.7.html"><strong>samba(7)</strong></a>, <a href="smb.conf.5.html"><strong>smb.conf(5)</strong></a>,
+<strong>nsswitch.conf(5)</strong>
+<p><a name="AUTHOR"></a>
+<h2>AUTHOR</h2>
+
+<p>The original Samba software and related utilities were created by
+Andrew Tridgell <a href="mailto:samba-bugs@samba.org"><em>samba-bugs@samba.org</em></a>. Samba is now developed
+by the Samba Team as an Open Source project similar to the way the
+Linux kernel is developed.
+<p>Winbindd was written by Tim Potter.
+</body>
+</html>
git.samba.org / samba.git / commitdiff