2024-12-25 23:21:54 +03:00 · 0001-01-01 00:00:00 +00:00 · 0001-01-01 00:00:00 +00:00 · dbe26556e7
commit dbe26556e7
parent cd5e249427
1 changed files with 217 additions and 0 deletions
--- a/docs/yodldocs/winbindd.8.yo
+++ b/docs/yodldocs/winbindd.8.yo
@ -0,0 +1,217 @@
+mailto(samba-bugs@samba.org)
+manpage(winbindd htmlcommand((1)))(1)(8 May 2000)(Samba)(SAMBA)
+
+label(NAME)
+manpagename(winbindd)(Name Service Switch daemon for resolving names from NT servers)
+
+label(SYNOPSIS)
+manpagesynopsis() 
+
+bf(winbindd) [link(-d debuglevel)(minusd)] [link(-i)(minusi)]
+
+label(DESCRIPTION)
+manpagedescription()
+
+This program is part of the bf(Samba) suite version 3.0 and describes
+functionality not yet implemented in the main version of Samba.
+
+bf(winbindd) is a daemon that provides a service for the Name Service
+Switch capability that is present in most modern C libraries.  The Name
+Service Switch allows user and system information to be obtained from
+different databases services such as NIS or DNS.  The exact behaviour can
+be configured throught the tt(/etc/nsswitch.conf) file.  Users and groups
+are allocated as they are resolved to a range of user and group ids
+specified by the administrator of the Samba system.  
+
+The service provided by bf(winbindd) is called `ntdom' and can be used to
+resolve user and group information from a Windows NT server.  
+
+The following nsswitch databases are implemented by the bf(winbindd)
+service:
+
+startdit()
+
+dit(passwd)
+
+User information traditionally stored in the bf(passwd(5)) file and used by
+bf(getpwent(3)) functions.
+
+dit(group)
+
+Group information traditionally stored in the bf(group(5)) file and used by
+bf(getgrent(3)) functions.
+
+enddit()
+
+For example, the following simple configuration in the
+tt(/etc/nsswitch.conf) file can be used to initially resolve user and group
+information from tt(/etc/passwd) and tt(/etc/group) and then from the
+Windows NT server.
+
+passwd:         files ntdom
+group:          files ntdom
+
+label(OPTIONS)
+manpageoptions()
+
+The following options are available to the bf(winbindd) daemon:
+
+startdit()
+
+label(minusd)
+dit(bf(-d debuglevel))
+Sets the debuglevel to an integer between 0 and 100. 0 is for no debugging
+and 100 is for reams and reams. To submit a bug report to the Samba Team,
+use debug level 100 (see bf(BUGS.txt)).  
+
+label(minusi)
+dit(bf(-i))
+Tells winbindd to not become a daemon and detach from the current terminal.
+This option is used by developers when interactive debugging of winbindd is
+required.
+
+enddit()
+
+label(NAMEANDIDRESOLUTION)
+manpagesection(NAME AND ID RESOLUTION)
+
+Users and groups on a Windows NT server are assigned a relative id (rid)
+which is unique for the domain when the user or group is created.  To
+convert the Windows NT user or group into a unix user or group, a mapping
+between rids and unix user and group ids is required.  This is one of the
+jobs that bf(winbindd) performs.
+
+As bf(winbindd) users and groups are resolved from a server, user and group
+ids are allocated from a specified range.  This is done on a first come,
+first served basis, although all existing users and groups will be mapped
+as soon as a client performs a user or group enumeration command.  The
+allocated unix ids are stored in a database file under the Samba lock
+directory and will be remembered.
+
+WARNING: The rid to unix id database is the only location where the user
+and group mappings are stored by bf(winbindd).  If this file is deleted or
+corrupted, there is no way for bf(winbindd) to determine which user and
+group ids correspond to Windows NT user and group rids.
+
+label(CONFIGURATION)
+manpagesection(CONFIGURATION)
+
+Configuration of the bf(winbindd) daemon is done through configuration
+parameters in the url(bf(smb.conf))(smb.conf.5.html) file.  All parameters
+should be specified in the [global] section of
+url(bf(smb.conf))(smb.conf.5.html).
+
+startdit()
+
+dit(winbind uid)
+
+The winbind uid parameter specifies the range of user ids that are
+allocated by the url(bf(winbindd))(winbindd.8.html) daemon.  This range of
+ids should have no existing local or nis users within it as strange
+conflicts can occur otherwise.
+
+  bf(Default:)
+tt(     winbind uid = <empty string>)
+
+  bf(Example:)
+tt(     winbind uid = 10000-20000)
+
+dit(winbind gid)
+
+The winbind gid parameter specifies the range of group ids that are
+allocated by the url(bf(winbindd))(winbindd.8.html) daemon.  This range of
+group ids should have no existing local or nis groups within it as strange
+conflicts can occur otherwise.
+
+  bf(Default:)
+tt(     winbind gid = <empty string>)
+
+  bf(Example:)
+tt(     winbind gid = 10000-20000)
+
+dit(winbind cache time)
+
+This parameter specifies the number of seconds the
+url(bf(winbindd))(winbindd.8.html) daemon will cache user and group
+information before querying a Windows NT server again.
+
+  bf(Default:)
+tt(     winbind cache type = 15)
+
+dit(template homedir)
+
+When filling out the user information for a Windows NT user, the
+url(bf(winbindd))(winbindd.8.html) daemon uses this parameter to fill in
+the home directory for that user.  If the string tt(%D) is present it is
+substituted with the user's Windows NT domain name.  If the string tt(%U)
+is present it is substituted with the user's Windows NT user name.
+
+  bf(Default:)
+tt(     template homedir = /home/%D/%U)
+
+dit(template shell)
+
+When filling out the user information for a Windows NT user, the
+url(bf(winbindd))(winbindd.8.html) daemon uses this parameter to fill in
+the home directory for that user.  If the string tt(%D) is present it is
+substituted with the user's Windows NT domain name.  If the string tt(%U)
+is present it is substituted with the user's Windows NT user name.
+
+  bf(Default:)
+tt(     template homedir = /home/%D/%U)
+
+enddit()
+
+label(FILES)
+manpagefiles()
+
+The following files are relevant to the operation of the bf(winbindd)
+daemon.
+
+startdit()
+
+dit(/etc/nsswitch.conf(5))
+
+Name service switch configuration file.
+
+dit(/tmp/.winbindd/pipe)
+
+The UNIX pipe over which clients communicate with the bf(winbindd) program.
+For security reasons, the ntdom client will only attempt to connect to the
+bf(winbindd) daemon if both the tt(/tmp/.winbindd) directory and
+tt(/tmp/.winbindd/pipe) file are owned by root.
+
+dit(/lib/libnss_ntdom.so.X)
+
+Implementation of name service switch library. 
+
+dit($LOCKDIR/winbindd_idmap.tdb)
+
+Storage for the Windows NT rid to UNIX user/group id mapping.  If this file
+is damaged or destroyed then the mappings will be lost.
+
+The lock directory is specified when Samba is initially compiled using the
+tt(--with-lockdir) option.  This directory is by default
+tt(/usr/local/samba/var/locks).
+
+dit($LOCKDIR/winbindd_cache.tdb)
+
+Storage for cached user and group information.
+
+enddit()
+
+label(SEEALSO)
+manpageseealso()
+
+url(bf(samba(7)))(samba.7.html), url(bf(smb.conf(5)))(smb.conf.5.html), 
+bf(nsswitch.conf(5))
+
+label(AUTHOR)
+manpageauthor()
+
+The original Samba software and related utilities were created by
+Andrew Tridgell email(samba-bugs@samba.org). Samba is now developed
+by the Samba Team as an Open Source project similar to the way the
+Linux kernel is developed.
+
+Winbindd was written by Tim Potter.