| [594] | 1 | '\" t
|
|---|
| [427] | 2 | .\" Title: winbindd
|
|---|
| 3 | .\" Author: [see the "AUTHOR" section]
|
|---|
| [594] | 4 | .\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
|
|---|
| 5 | .\" Date: 03/06/2011
|
|---|
| [427] | 6 | .\" Manual: System Administration tools
|
|---|
| 7 | .\" Source: Samba 3.5
|
|---|
| 8 | .\" Language: English
|
|---|
| 9 | .\"
|
|---|
| [594] | 10 | .TH "WINBINDD" "8" "03/06/2011" "Samba 3\&.5" "System Administration tools"
|
|---|
| [427] | 11 | .\" -----------------------------------------------------------------
|
|---|
| 12 | .\" * set default formatting
|
|---|
| 13 | .\" -----------------------------------------------------------------
|
|---|
| 14 | .\" disable hyphenation
|
|---|
| 15 | .nh
|
|---|
| 16 | .\" disable justification (adjust text to left margin only)
|
|---|
| 17 | .ad l
|
|---|
| 18 | .\" -----------------------------------------------------------------
|
|---|
| 19 | .\" * MAIN CONTENT STARTS HERE *
|
|---|
| 20 | .\" -----------------------------------------------------------------
|
|---|
| [594] | 21 | .SH "NAME"
|
|---|
| [427] | 22 | winbindd \- Name Service Switch daemon for resolving names from NT servers
|
|---|
| [594] | 23 | .SH "SYNOPSIS"
|
|---|
| [427] | 24 | .HP \w'\ 'u
|
|---|
| [594] | 25 | winbindd [\-D] [\-F] [\-S] [\-i] [\-Y] [\-d\ <debug\ level>] [\-s\ <smb\ config\ file>] [\-n]
|
|---|
| [427] | 26 | .SH "DESCRIPTION"
|
|---|
| 27 | .PP
|
|---|
| 28 | This program is part of the
|
|---|
| 29 | \fBsamba\fR(7)
|
|---|
| 30 | suite\&.
|
|---|
| 31 | .PP
|
|---|
| [594] | 32 | winbindd
|
|---|
| [427] | 33 | is a daemon that provides a number of services to the Name Service Switch capability found in most modern C libraries, to arbitrary applications via PAM and
|
|---|
| [594] | 34 | ntlm_auth
|
|---|
| [427] | 35 | and to Samba itself\&.
|
|---|
| 36 | .PP
|
|---|
| 37 | Even if winbind is not used for nsswitch, it still provides a service to
|
|---|
| [594] | 38 | smbd,
|
|---|
| 39 | ntlm_auth
|
|---|
| [427] | 40 | and the
|
|---|
| [594] | 41 | pam_winbind\&.so
|
|---|
| [427] | 42 | PAM module, by managing connections to domain controllers\&. In this configuraiton the
|
|---|
| 43 | \m[blue]\fBidmap uid\fR\m[]
|
|---|
| 44 | and
|
|---|
| 45 | \m[blue]\fBidmap gid\fR\m[]
|
|---|
| 46 | parameters are not required\&. (This is known as `netlogon proxy only mode\'\&.)
|
|---|
| 47 | .PP
|
|---|
| 48 | The Name Service Switch allows user and system information to be obtained from different databases services such as NIS or DNS\&. The exact behaviour can be configured through the
|
|---|
| [594] | 49 | /etc/nsswitch\&.conf
|
|---|
| [427] | 50 | file\&. Users and groups are allocated as they are resolved to a range of user and group ids specified by the administrator of the Samba system\&.
|
|---|
| 51 | .PP
|
|---|
| 52 | The service provided by
|
|---|
| [594] | 53 | winbindd
|
|---|
| [427] | 54 | is called `winbind\' and can be used to resolve user and group information from a Windows NT server\&. The service can also provide authentication services via an associated PAM module\&.
|
|---|
| 55 | .PP
|
|---|
| 56 | The
|
|---|
| [594] | 57 | pam_winbind
|
|---|
| [427] | 58 | module supports the
|
|---|
| 59 | \fIauth\fR,
|
|---|
| 60 | \fIaccount\fR
|
|---|
| 61 | and
|
|---|
| 62 | \fIpassword\fR
|
|---|
| 63 | module\-types\&. It should be noted that the
|
|---|
| 64 | \fIaccount\fR
|
|---|
| 65 | module simply performs a getpwnam() to verify that the system can obtain a uid for the user, as the domain controller has already performed access control\&. If the
|
|---|
| [594] | |
|---|
