| 1 | <?xml version="1.0" encoding="iso-8859-1"?> | 
|---|
| 2 | <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> | 
|---|
| 3 | <refentry id="wbinfo.1"> | 
|---|
| 4 |  | 
|---|
| 5 | <refmeta> | 
|---|
| 6 | <refentrytitle>wbinfo</refentrytitle> | 
|---|
| 7 | <manvolnum>1</manvolnum> | 
|---|
| 8 | <refmiscinfo class="source">Samba</refmiscinfo> | 
|---|
| 9 | <refmiscinfo class="manual">User Commands</refmiscinfo> | 
|---|
| 10 | <refmiscinfo class="version">3.2</refmiscinfo> | 
|---|
| 11 | </refmeta> | 
|---|
| 12 |  | 
|---|
| 13 |  | 
|---|
| 14 | <refnamediv> | 
|---|
| 15 | <refname>wbinfo</refname> | 
|---|
| 16 | <refpurpose>Query information from winbind daemon</refpurpose> | 
|---|
| 17 | </refnamediv> | 
|---|
| 18 |  | 
|---|
| 19 | <refsynopsisdiv> | 
|---|
| 20 | <cmdsynopsis> | 
|---|
| 21 | <command>wbinfo</command> | 
|---|
| 22 | <arg choice="opt">-a user%password</arg> | 
|---|
| 23 | <arg choice="opt">--all-domains</arg> | 
|---|
| 24 | <arg choice="opt">--allocate-gid</arg> | 
|---|
| 25 | <arg choice="opt">--allocate-uid</arg> | 
|---|
| 26 | <arg choice="opt">-D domain</arg> | 
|---|
| 27 | <arg choice="opt">--domain domain</arg> | 
|---|
| 28 | <arg choice="opt">-g</arg> | 
|---|
| 29 | <arg choice="opt">--getdcname domain</arg> | 
|---|
| 30 | <arg choice="opt">--get-auth-user</arg> | 
|---|
| 31 | <arg choice="opt">-G gid</arg> | 
|---|
| 32 | <arg choice="opt">-h</arg> | 
|---|
| 33 | <arg choice="opt">-i user</arg> | 
|---|
| 34 | <arg choice="opt">-I ip</arg> | 
|---|
| 35 | <arg choice="opt">-K user%password</arg> | 
|---|
| 36 | <arg choice="opt">-m</arg> | 
|---|
| 37 | <arg choice="opt">-n name</arg> | 
|---|
| 38 | <arg choice="opt">-N netbios-name</arg> | 
|---|
| 39 | <arg choice="opt">--own-domain</arg> | 
|---|
| 40 | <arg choice="opt">-p</arg> | 
|---|
| 41 | <arg choice="opt">-r user</arg> | 
|---|
| 42 | <arg choice="opt">-s sid</arg> | 
|---|
| 43 | <arg choice="opt">--separator</arg> | 
|---|
| 44 | <arg choice="opt">--sequence</arg> | 
|---|
| 45 | <arg choice="opt">--set-auth-user user%password</arg> | 
|---|
| 46 | <arg choice="opt">-S sid</arg> | 
|---|
| 47 | <arg choice="opt">-t</arg> | 
|---|
| 48 | <arg choice="opt">-u</arg> | 
|---|
| 49 | <arg choice="opt">--uid-info uid</arg> | 
|---|
| 50 | <arg choice="opt">--user-domgroups sid</arg> | 
|---|
| 51 | <arg choice="opt">--user-sids sid</arg> | 
|---|
| 52 | <arg choice="opt">-U uid</arg> | 
|---|
| 53 | <arg choice="opt">-V</arg> | 
|---|
| 54 | <arg choice="opt">-Y sid</arg> | 
|---|
| 55 | <arg choice="opt">--verbose</arg> | 
|---|
| 56 | </cmdsynopsis> | 
|---|
| 57 | </refsynopsisdiv> | 
|---|
| 58 |  | 
|---|
| 59 | <refsect1> | 
|---|
| 60 | <title>DESCRIPTION</title> | 
|---|
| 61 |  | 
|---|
| 62 | <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle> | 
|---|
| 63 | <manvolnum>7</manvolnum></citerefentry> suite.</para> | 
|---|
| 64 |  | 
|---|
| 65 | <para>The <command>wbinfo</command> program queries and returns information | 
|---|
| 66 | created and used by the <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 67 | <manvolnum>8</manvolnum></citerefentry> daemon. </para> | 
|---|
| 68 |  | 
|---|
| 69 | <para>The <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 70 | <manvolnum>8</manvolnum></citerefentry> daemon must be configured | 
|---|
| 71 | and running for the <command>wbinfo</command> program to be able | 
|---|
| 72 | to return information.</para> | 
|---|
| 73 | </refsect1> | 
|---|
| 74 |  | 
|---|
| 75 | <refsect1> | 
|---|
| 76 | <title>OPTIONS</title> | 
|---|
| 77 |  | 
|---|
| 78 | <variablelist> | 
|---|
| 79 | <varlistentry> | 
|---|
| 80 | <term>-a|--authenticate username%password</term> | 
|---|
| 81 | <listitem><para>Attempt to authenticate a user via winbindd. | 
|---|
| 82 | This checks both authenticaion methods and reports its results. | 
|---|
| 83 | </para><note><para>Do not be tempted to use this | 
|---|
| 84 | functionality for authentication in third-party | 
|---|
| 85 | applications.  Instead use <citerefentry><refentrytitle>ntlm_auth</refentrytitle> | 
|---|
| 86 | <manvolnum>1</manvolnum></citerefentry>.</para></note></listitem> | 
|---|
| 87 | </varlistentry> | 
|---|
| 88 |  | 
|---|
| 89 | <varlistentry> | 
|---|
| 90 | <term>--allocate-gid</term> | 
|---|
| 91 | <listitem><para>Get a new GID out of idmap | 
|---|
| 92 | </para></listitem> | 
|---|
| 93 | </varlistentry> | 
|---|
| 94 |  | 
|---|
| 95 | <varlistentry> | 
|---|
| 96 | <term>--allocate-uid</term> | 
|---|
| 97 | <listitem><para>Get a new UID out of idmap | 
|---|
| 98 | </para></listitem> | 
|---|
| 99 | </varlistentry> | 
|---|
| 100 |  | 
|---|
| 101 | <varlistentry> | 
|---|
| 102 | <term>--all-domains</term> | 
|---|
| 103 | <listitem><para>List all domains (trusted and | 
|---|
| 104 | own domain). | 
|---|
| 105 | </para></listitem> | 
|---|
| 106 | </varlistentry> | 
|---|
| 107 |  | 
|---|
| 108 | <varlistentry> | 
|---|
| 109 | <term>--domain name</term> | 
|---|
| 110 | <listitem><para>This parameter sets the domain on which any specified | 
|---|
| 111 | operations will performed.  If special domain name '.' is used to represent | 
|---|
| 112 | the current domain to which winbindd belongs.  Currently only the | 
|---|
| 113 | <option>--sequence</option>, | 
|---|
| 114 | <option>-u</option>, and <option>-g</option> options honor this parameter. | 
|---|
| 115 | </para></listitem> | 
|---|
| 116 | </varlistentry> | 
|---|
| 117 |  | 
|---|
| 118 | <varlistentry> | 
|---|
| 119 | <term>-D|--domain-info domain</term> | 
|---|
| 120 | <listitem><para>Show most of the info we have about the domain. | 
|---|
| 121 | </para></listitem> | 
|---|
| 122 | </varlistentry> | 
|---|
| 123 |  | 
|---|
| 124 | <varlistentry> | 
|---|
| 125 | <term>-g|--domain-groups</term> | 
|---|
| 126 | <listitem><para>This option will list all groups available | 
|---|
| 127 | in the Windows NT domain for which the <citerefentry><refentrytitle>samba</refentrytitle> | 
|---|
| 128 | <manvolnum>7</manvolnum></citerefentry> daemon is operating in. Groups in all trusted domains | 
|---|
| 129 | will also be listed.  Note that this operation does not assign | 
|---|
| 130 | group ids to any groups that have not already been | 
|---|
| 131 | seen by <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 132 | <manvolnum>8</manvolnum></citerefentry>. </para></listitem> | 
|---|
| 133 | </varlistentry> | 
|---|
| 134 |  | 
|---|
| 135 | <varlistentry> | 
|---|
| 136 | <term>--get-auth-user</term> | 
|---|
| 137 | <listitem><para>Print username and password used by winbindd | 
|---|
| 138 | during session setup to a domain controller. Username | 
|---|
| 139 | and password can be set using <option>--set-auth-user</option>. | 
|---|
| 140 | Only available for root.</para></listitem> | 
|---|
| 141 | </varlistentry> | 
|---|
| 142 |  | 
|---|
| 143 | <varlistentry> | 
|---|
| 144 | <term>--getdcname domain</term> | 
|---|
| 145 | <listitem><para>Get the DC name for the specified domain. | 
|---|
| 146 | </para></listitem> | 
|---|
| 147 | </varlistentry> | 
|---|
| 148 |  | 
|---|
| 149 | <varlistentry> | 
|---|
| 150 | <term>-G|--gid-to-sid gid</term> | 
|---|
| 151 | <listitem><para>Try to convert a UNIX group id to a Windows | 
|---|
| 152 | NT SID.  If the gid specified does not refer to one within | 
|---|
| 153 | the idmap gid range then the operation will fail. </para></listitem> | 
|---|
| 154 | </varlistentry> | 
|---|
| 155 |  | 
|---|
| 156 | <varlistentry> | 
|---|
| 157 | <term>-i|--user-info user</term> | 
|---|
| 158 | <listitem><para>Get user info. | 
|---|
| 159 | </para></listitem> | 
|---|
| 160 | </varlistentry> | 
|---|
| 161 |  | 
|---|
| 162 | <varlistentry> | 
|---|
| 163 | <term>-I|--WINS-by-ip ip</term> | 
|---|
| 164 | <listitem><para>The <parameter>-I</parameter> option | 
|---|
| 165 | queries <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 166 | <manvolnum>8</manvolnum></citerefentry> to send a node status | 
|---|
| 167 | request to get the NetBIOS name associated with the IP address | 
|---|
| 168 | specified by the <parameter>ip</parameter> parameter. | 
|---|
| 169 | </para></listitem> | 
|---|
| 170 | </varlistentry> | 
|---|
| 171 |  | 
|---|
| 172 | <varlistentry> | 
|---|
| 173 | <term>-K|--krb5auth username%password</term> | 
|---|
| 174 | <listitem><para>Attempt to authenticate a user via Kerberos. | 
|---|
| 175 | </para></listitem> | 
|---|
| 176 | </varlistentry> | 
|---|
| 177 |  | 
|---|
| 178 | <varlistentry> | 
|---|
| 179 | <term>-m|--trusted-domains</term> | 
|---|
| 180 | <listitem><para>Produce a list of domains trusted by the | 
|---|
| 181 | Windows NT server <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 182 | <manvolnum>8</manvolnum></citerefentry> contacts | 
|---|
| 183 | when resolving names.  This list does not include the Windows | 
|---|
| 184 | NT domain the server is a Primary Domain Controller for. | 
|---|
| 185 | </para></listitem> | 
|---|
| 186 | </varlistentry> | 
|---|
| 187 |  | 
|---|
| 188 | <varlistentry> | 
|---|
| 189 | <term>-n|--name-to-sid name</term> | 
|---|
| 190 | <listitem><para>The <parameter>-n</parameter> option | 
|---|
| 191 | queries <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 192 | <manvolnum>8</manvolnum></citerefentry> for the SID | 
|---|
| 193 | associated with the name specified. Domain names can be specified | 
|---|
| 194 | before the user name by using the winbind separator character. | 
|---|
| 195 | For example CWDOM1/Administrator refers to the Administrator | 
|---|
| 196 | user in the domain CWDOM1.  If no domain is specified then the | 
|---|
| 197 | domain used is the one specified in the <citerefentry><refentrytitle>smb.conf</refentrytitle> | 
|---|
| 198 | <manvolnum>5</manvolnum></citerefentry> <parameter>workgroup | 
|---|
| 199 | </parameter> parameter. </para></listitem> | 
|---|
| 200 | </varlistentry> | 
|---|
| 201 |  | 
|---|
| 202 | <varlistentry> | 
|---|
| 203 | <term>-N|--WINS-by-name name</term> | 
|---|
| 204 | <listitem><para>The <parameter>-N</parameter> option | 
|---|
| 205 | queries <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 206 | <manvolnum>8</manvolnum></citerefentry> to query the WINS | 
|---|
| 207 | server for the IP address associated with the NetBIOS name | 
|---|
| 208 | specified by the <parameter>name</parameter> parameter. | 
|---|
| 209 | </para></listitem> | 
|---|
| 210 | </varlistentry> | 
|---|
| 211 |  | 
|---|
| 212 | <varlistentry> | 
|---|
| 213 | <term>--own-domain</term> | 
|---|
| 214 | <listitem><para>List own domain. | 
|---|
| 215 | </para></listitem> | 
|---|
| 216 | </varlistentry> | 
|---|
| 217 |  | 
|---|
| 218 | <varlistentry> | 
|---|
| 219 | <term>-p|--ping</term> | 
|---|
| 220 | <listitem><para>Check whether winbindd is still alive. | 
|---|
| 221 | Prints out either 'succeeded' or 'failed'. | 
|---|
| 222 | </para></listitem> | 
|---|
| 223 | </varlistentry> | 
|---|
| 224 |  | 
|---|
| 225 | <varlistentry> | 
|---|
| 226 | <term>-r|--user-groups username</term> | 
|---|
| 227 | <listitem><para>Try to obtain the list of UNIX group ids | 
|---|
| 228 | to which the user belongs.  This only works for users | 
|---|
| 229 | defined on a Domain Controller. | 
|---|
| 230 | </para></listitem> | 
|---|
| 231 | </varlistentry> | 
|---|
| 232 |  | 
|---|
| 233 | <varlistentry> | 
|---|
| 234 | <term>-s|--sid-to-name sid</term> | 
|---|
| 235 | <listitem><para>Use <parameter>-s</parameter> to resolve | 
|---|
| 236 | a SID to a name.  This is the inverse of the <parameter>-n | 
|---|
| 237 | </parameter> option above.  SIDs must be specified as ASCII strings | 
|---|
| 238 | in the traditional Microsoft format. For example, | 
|---|
| 239 | S-1-5-21-1455342024-3071081365-2475485837-500. </para></listitem> | 
|---|
| 240 | </varlistentry> | 
|---|
| 241 |  | 
|---|
| 242 | <varlistentry> | 
|---|
| 243 | <term>--separator</term> | 
|---|
| 244 | <listitem><para>Get the active winbind separator. | 
|---|
| 245 | </para></listitem> | 
|---|
| 246 |  | 
|---|
| 247 | </varlistentry> | 
|---|
| 248 | <varlistentry> | 
|---|
| 249 | <term>--sequence</term> | 
|---|
| 250 | <listitem><para>Show sequence numbers of | 
|---|
| 251 | all known domains</para></listitem> | 
|---|
| 252 | </varlistentry> | 
|---|
| 253 |  | 
|---|
| 254 | <varlistentry> | 
|---|
| 255 | <term>--set-auth-user username%password</term> | 
|---|
| 256 | <listitem><para>Store username and password used by winbindd | 
|---|
| 257 | during session setup to a domain controller.  This enables | 
|---|
| 258 | winbindd to operate in a Windows 2000 domain with Restrict | 
|---|
| 259 | Anonymous turned on (a.k.a. Permissions compatible with | 
|---|
| 260 | Windows 2000 servers only). | 
|---|
| 261 | </para></listitem> | 
|---|
| 262 | </varlistentry> | 
|---|
| 263 |  | 
|---|
| 264 | <varlistentry> | 
|---|
| 265 | <term>-S|--sid-to-uid sid</term> | 
|---|
| 266 | <listitem><para>Convert a SID to a UNIX user id.  If the SID | 
|---|
| 267 | does not correspond to a UNIX user mapped by <citerefentry> | 
|---|
| 268 | <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum> | 
|---|
| 269 | </citerefentry> then the operation will fail. </para></listitem> | 
|---|
| 270 | </varlistentry> | 
|---|
| 271 |  | 
|---|
| 272 | <varlistentry> | 
|---|
| 273 | <term>-t|--check-secret</term> | 
|---|
| 274 | <listitem><para>Verify that the workstation trust account | 
|---|
| 275 | created when the Samba server is added to the Windows NT | 
|---|
| 276 | domain is working. </para></listitem> | 
|---|
| 277 | </varlistentry> | 
|---|
| 278 |  | 
|---|
| 279 | <varlistentry> | 
|---|
| 280 | <term>-u|--domain-users</term> | 
|---|
| 281 | <listitem><para>This option will list all users available | 
|---|
| 282 | in the Windows NT domain for which the <citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 283 | <manvolnum>8</manvolnum></citerefentry> daemon is operating in. Users in all trusted domains | 
|---|
| 284 | will also be listed.  Note that this operation does not assign | 
|---|
| 285 | user ids to any users that have not already been seen by <citerefentry> | 
|---|
| 286 | <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum></citerefentry> | 
|---|
| 287 | .</para></listitem> | 
|---|
| 288 | </varlistentry> | 
|---|
| 289 |  | 
|---|
| 290 | <varlistentry> | 
|---|
| 291 | <term>--uid-info UID</term> | 
|---|
| 292 | <listitem><para>Get user info for the user conencted to | 
|---|
| 293 | user id UID.</para></listitem> | 
|---|
| 294 | </varlistentry> | 
|---|
| 295 |  | 
|---|
| 296 | <varlistentry> | 
|---|
| 297 | <term>--user-domgroups SID</term> | 
|---|
| 298 | <listitem><para>Get user domain groups. | 
|---|
| 299 | </para></listitem> | 
|---|
| 300 | </varlistentry> | 
|---|
| 301 |  | 
|---|
| 302 | <varlistentry> | 
|---|
| 303 | <term>--user-sids SID</term> | 
|---|
| 304 | <listitem><para>Get user group SIDs for user. | 
|---|
| 305 | </para></listitem> | 
|---|
| 306 | </varlistentry> | 
|---|
| 307 |  | 
|---|
| 308 | <varlistentry> | 
|---|
| 309 | <term>-U|--uid-to-sid uid</term> | 
|---|
| 310 | <listitem><para>Try to convert a UNIX user id to a Windows NT | 
|---|
| 311 | SID.  If the uid specified does not refer to one within | 
|---|
| 312 | the idmap uid range then the operation will fail. </para></listitem> | 
|---|
| 313 | </varlistentry> | 
|---|
| 314 |  | 
|---|
| 315 | <varlistentry> | 
|---|
| 316 | <term>--verbose</term> | 
|---|
| 317 | <listitem><para> | 
|---|
| 318 | Print additional information about the query | 
|---|
| 319 | results. | 
|---|
| 320 | </para></listitem> | 
|---|
| 321 | </varlistentry> | 
|---|
| 322 |  | 
|---|
| 323 | <varlistentry> | 
|---|
| 324 | <term>-Y|--sid-to-gid sid</term> | 
|---|
| 325 | <listitem><para>Convert a SID to a UNIX group id.  If the SID | 
|---|
| 326 | does not correspond to a UNIX group mapped by <citerefentry> | 
|---|
| 327 | <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum></citerefentry> then | 
|---|
| 328 | the operation will fail. </para></listitem> | 
|---|
| 329 | </varlistentry> | 
|---|
| 330 |  | 
|---|
| 331 |  | 
|---|
| 332 | &stdarg.version; | 
|---|
| 333 | &stdarg.help; | 
|---|
| 334 |  | 
|---|
| 335 | </variablelist> | 
|---|
| 336 | </refsect1> | 
|---|
| 337 |  | 
|---|
| 338 |  | 
|---|
| 339 | <refsect1> | 
|---|
| 340 | <title>EXIT STATUS</title> | 
|---|
| 341 |  | 
|---|
| 342 | <para>The wbinfo program returns 0 if the operation | 
|---|
| 343 | succeeded, or 1 if the operation failed.  If the <citerefentry> | 
|---|
| 344 | <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum> | 
|---|
| 345 | </citerefentry> daemon is not working <command>wbinfo</command> will always return | 
|---|
| 346 | failure. </para> | 
|---|
| 347 | </refsect1> | 
|---|
| 348 |  | 
|---|
| 349 |  | 
|---|
| 350 | <refsect1> | 
|---|
| 351 | <title>VERSION</title> | 
|---|
| 352 |  | 
|---|
| 353 | <para>This man page is correct for version 3 of | 
|---|
| 354 | the Samba suite.</para> | 
|---|
| 355 | </refsect1> | 
|---|
| 356 |  | 
|---|
| 357 | <refsect1> | 
|---|
| 358 | <title>SEE ALSO</title> | 
|---|
| 359 | <para><citerefentry><refentrytitle>winbindd</refentrytitle> | 
|---|
| 360 | <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ntlm_auth</refentrytitle> | 
|---|
| 361 | <manvolnum>1</manvolnum></citerefentry></para> | 
|---|
| 362 | </refsect1> | 
|---|
| 363 |  | 
|---|
| 364 | <refsect1> | 
|---|
| 365 | <title>AUTHOR</title> | 
|---|
| 366 |  | 
|---|
| 367 | <para>The original Samba software and related utilities | 
|---|
| 368 | were created by Andrew Tridgell. Samba is now developed | 
|---|
| 369 | by the Samba Team as an Open Source project similar | 
|---|
| 370 | to the way the Linux kernel is developed.</para> | 
|---|
| 371 |  | 
|---|
| 372 | <para><command>wbinfo</command> and <command>winbindd</command> | 
|---|
| 373 | were written by Tim Potter.</para> | 
|---|
| 374 |  | 
|---|
| 375 | <para>The conversion to DocBook for Samba 2.2 was done | 
|---|
| 376 | by Gerald Carter. The conversion to DocBook XML 4.2 for Samba | 
|---|
| 377 | 3.0 was done by Alexander Bokovoy.</para> | 
|---|
| 378 | </refsect1> | 
|---|
| 379 |  | 
|---|
| 380 | </refentry> | 
|---|