Context Navigation

winbindd.8@ 989

Visit:

Last change on this file since 989 was 989, checked in by Silvan Scherrer, 9 years ago
Samba Server: update vendor to version 4.4.7
File size: 14.4 KB

Line
1	'\" t
2	.\" Title: winbindd
3	.\" Author: [see the "AUTHOR" section]
4	.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
5	.\" Date: 10/25/2016
6	.\" Manual: System Administration tools
7	.\" Source: Samba 4.4
8	.\" Language: English
9	.\"
10	.TH "WINBINDD" "8" "10/25/2016" "Samba 4\&.4" "System Administration tools"
11	.\" -----------------------------------------------------------------
12	.\" * Define some portability stuff
13	.\" -----------------------------------------------------------------
14	.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15	.\" http://bugs.debian.org/507673
16	.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17	.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
18	.ie \n(.g .ds Aq \(aq
19	.el .ds Aq '
20	.\" -----------------------------------------------------------------
21	.\" * set default formatting
22	.\" -----------------------------------------------------------------
23	.\" disable hyphenation
24	.nh
25	.\" disable justification (adjust text to left margin only)
26	.ad l
27	.\" -----------------------------------------------------------------
28	.\" * MAIN CONTENT STARTS HERE *
29	.\" -----------------------------------------------------------------
30	.SH "NAME"
31	winbindd \- Name Service Switch daemon for resolving names from NT servers
32	.SH "SYNOPSIS"
33	.HP \w'\ 'u
34	winbindd [\-D\|\-\-daemon] [\-F\|\-\-foreground] [\-S\|\-\-stdout] [\-i\|\-\-interactive] [\-d\ <debug\ level>] [\-s\ <smb\ config\ file>] [\-n\|\-\-no\-caching] [\-\-no\-process\-group]
35	.SH "DESCRIPTION"
36	.PP
37	This program is part of the
38	\fBsamba\fR(7)
39	suite\&.
40	.PP
41	winbindd
42	is a daemon that provides a number of services to the Name Service Switch capability found in most modern C libraries, to arbitrary applications via PAM and
43	ntlm_auth
44	and to Samba itself\&.
45	.PP
46	Even if winbind is not used for nsswitch, it still provides a service to
47	smbd,
48	ntlm_auth
49	and the
50	pam_winbind\&.so
51	PAM module, by managing connections to domain controllers\&. In this configuration the
52	\m[blue]\fBidmap config * : range\fR\m[]
53	parameter is not required\&. (This is known as `netlogon proxy only mode\*(Aq\&.)
54	.PP
55	The Name Service Switch allows user and system information to be obtained from different databases services such as NIS or DNS\&. The exact behaviour can be configured through the
56	/etc/nsswitch\&.conf
57	file\&. Users and groups are allocated as they are resolved to a range of user and group ids specified by the administrator of the Samba system\&.
58	.PP
59	The service provided by
60	winbindd
61	is called `winbind\*(Aq and can be used to resolve user and group information from a Windows NT server\&. The service can also provide authentication services via an associated PAM module\&.
62	.PP
63	The
64	pam_winbind
65	module supports the
66	\fIauth\fR,
67	\fIaccount\fR
68	and
69	\fIpassword\fR
70	module\-types\&. It should be noted that the
71	\fIaccount\fR
72	module simply performs a getpwnam() to verify that the system can obtain a uid for the user, as the domain controller has already performed access control\&. If the
73	libnss_winbind
74	library has been correctly installed, or an alternate source of names configured, this should always succeed\&.
75	.PP
76	The following nsswitch databases are implemented by the winbindd service:
77	.PP
78	hosts
79	.RS 4
80	This feature is only available on IRIX\&. User information traditionally stored in the
81	hosts(5)
82	file and used by
83	gethostbyname(3)
84	functions\&. Names are resolved through the WINS server or by broadcast\&.
85	.RE
86	.PP
87	passwd
88	.RS 4
89	User information traditionally stored in the
90	passwd(5)
91	file and used by
92	getpwent(3)
93	functions\&.
94	.RE
95	.PP
96	group
97	.RS 4
98	Group information traditionally stored in the
99	group(5)
100	file and used by
101	getgrent(3)
102	functions\&.
103	.RE
104	.PP
105	For example, the following simple configuration in the
106	/etc/nsswitch\&.conf
107	file can be used to initially resolve user and group information from
108	/etc/passwd
109	and
110	/etc/group
111	and then from the Windows NT server\&.
112	.sp
113	.if n \{\
114	.RS 4
115	.\}
116	.nf
117	passwd: files winbind
118	group: files winbind
119	## only available on IRIX: use winbind to resolve hosts:
120	# hosts: files dns winbind
121	## All other NSS enabled systems should use libnss_wins\&.so like this:
122	hosts: files dns wins
123
124	.fi
125	.if n \{\
126	.RE
127	.\}
128	.PP
129	The following simple configuration in the
130	/etc/nsswitch\&.conf
131	file can be used to initially resolve hostnames from
132	/etc/hosts
133	and then from the WINS server\&.
134	.sp
135	.if n \{\
136	.RS 4
137	.\}
138	.nf
139	hosts: files wins
140	.fi
141	.if n \{\
142	.RE
143	.\}
144	.SH "OPTIONS"
145	.PP
146	\-D\|\-\-daemon
147	.RS 4
148	If specified, this parameter causes the server to operate as a daemon\&. That is, it detaches itself and runs in the background on the appropriate port\&. This switch is assumed if