docs/manpages-3/wbinfo.1.xml

   1 <?xml version="1.0" encoding="iso-8859-1"?>
   2 <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
   3 <refentry id="wbinfo.1">
   4
   5 <refmeta>
   6         <refentrytitle>wbinfo</refentrytitle>
   7         <manvolnum>1</manvolnum>
   8 </refmeta>
   9
  10
  11 <refnamediv>
  12         <refname>wbinfo</refname>
  13         <refpurpose>Query information from winbind daemon</refpurpose>
  14 </refnamediv>
  15
  16 <refsynopsisdiv>
  17         <cmdsynopsis>
  18                 <command>wbinfo</command>
  19                 <arg choice="opt">-a user%password</arg>
  20                 <arg choice="opt">--all-domains</arg>
  21                 <arg choice="opt">--allocate-gid</arg>
  22                 <arg choice="opt">--allocate-uid</arg>
  23                 <arg choice="opt">-D domain</arg>
  24                 <arg choice="opt">--domain domain</arg>
  25                 <arg choice="opt">-g</arg>
  26                 <arg choice="opt">--getdcname domain</arg>
  27                 <arg choice="opt">--get-auth-user</arg>
  28                 <arg choice="opt">-G gid</arg>
  29                 <arg choice="opt">-h</arg>
  30                 <arg choice="opt">-i user</arg>
  31                 <arg choice="opt">-I ip</arg>
  32                 <arg choice="opt">-K user%password</arg>
  33                 <arg choice="opt">-m</arg>
  34                 <arg choice="opt">-n name</arg>
  35                 <arg choice="opt">-N netbios-name</arg>
  36                 <arg choice="opt">--own-domain</arg>
  37                 <arg choice="opt">-p</arg>
  38                 <arg choice="opt">-r user</arg>
  39                 <arg choice="opt">-s sid</arg>
  40                 <arg choice="opt">--separator</arg>
  41                 <arg choice="opt">--sequence</arg>
  42                 <arg choice="opt">--set-auth-user user%password</arg>
  43                 <arg choice="opt">-S sid</arg>
  44                 <arg choice="opt">-t</arg>
  45                 <arg choice="opt">-u</arg>
  46                 <arg choice="opt">--uid-info uid</arg>
  47                 <arg choice="opt">--user-domgroups sid</arg>
  48                 <arg choice="opt">--user-sids sid</arg>
  49                 <arg choice="opt">-U uid</arg>
  50                 <arg choice="opt">-V</arg>
  51                 <arg choice="opt">-Y sid</arg>
  52                 <arg choice="opt">--verbose</arg>
  53         </cmdsynopsis>
  54 </refsynopsisdiv>
  55
  56 <refsect1>
  57         <title>DESCRIPTION</title>
  58
  59         <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
  60         <manvolnum>7</manvolnum></citerefentry> suite.</para>
  61
  62         <para>The <command>wbinfo</command> program queries and returns information
  63         created and used by the <citerefentry><refentrytitle>winbindd</refentrytitle>
  64         <manvolnum>8</manvolnum></citerefentry> daemon. </para>
  65
  66         <para>The <citerefentry><refentrytitle>winbindd</refentrytitle>
  67         <manvolnum>8</manvolnum></citerefentry> daemon must be configured
  68         and running for the <command>wbinfo</command> program to be able
  69         to return information.</para>
  70 </refsect1>
  71
  72 <refsect1>
  73         <title>OPTIONS</title>
  74
  75         <variablelist>
  76                 <varlistentry>
  77                 <term>-a|--authenticate username%password</term>
  78                 <listitem><para>Attempt to authenticate a user via winbindd.
  79                 This checks both authenticaion methods and reports its results.
  80                 </para><note><para>Do not be tempted to use this
  81                 functionality for authentication in third-party
  82                 applications.  Instead use <citerefentry><refentrytitle>ntlm_auth</refentrytitle>
  83         <manvolnum>1</manvolnum></citerefentry>.</para></note></listitem>
  84                 </varlistentry>
  85
  86                 <varlistentry>
  87                 <term>--allocate-gid</term>
  88                 <listitem><para>Get a new GID out of idmap
  89                 </para></listitem>
  90                 </varlistentry>
  91
  92                 <varlistentry>
  93                 <term>--allocate-uid</term>
  94                 <listitem><para>Get a new UID out of idmap
  95                 </para></listitem>
  96                 </varlistentry>
  97
  98                 <varlistentry>
  99                 <term>--all-domains</term>
 100                 <listitem><para>List all domains (trusted and
 101                 own domain).
 102                 </para></listitem>
 103                 </varlistentry>
 104
 105                 <varlistentry>
 106                 <term>--domain name</term>
 107                 <listitem><para>This parameter sets the domain on which any specified
 108                 operations will performed.  If special domain name '.' is used to represent
 109                 the current domain to which winbindd belongs.  Currently only the
 110                 <option>--sequence</option>,
 111                 <option>-u</option>, and <option>-g</option> options honor this parameter.
 112                 </para></listitem>
 113                 </varlistentry>
 114
 115                 <varlistentry>
 116                 <term>-D|--domain-info domain</term>
 117                 <listitem><para>Show most of the info we have about the domain.
 118                 </para></listitem>
 119                 </varlistentry>
 120
 121                 <varlistentry>
 122                 <term>-g|--domain-groups</term>
 123                 <listitem><para>This option will list all groups available
 124                 in the Windows NT domain for which the <citerefentry><refentrytitle>samba</refentrytitle>
 125                 <manvolnum>7</manvolnum></citerefentry> daemon is operating in. Groups in all trusted domains
 126                 will also be listed.  Note that this operation does not assign
 127                 group ids to any groups that have not already been
 128                 seen by <citerefentry><refentrytitle>winbindd</refentrytitle>
 129                 <manvolnum>8</manvolnum></citerefentry>. </para></listitem>
 130                 </varlistentry>
 131
 132                 <varlistentry>
 133                 <term>--get-auth-user</term>
 134                 <listitem><para>Print username and password used by winbindd
 135                 during session setup to a domain controller. Username
 136                 and password can be set using <option>--set-auth-user</option>.
 137                 Only available for root.</para></listitem>
 138                 </varlistentry>
 139
 140                 <varlistentry>
 141                 <term>--getdcname domain</term>
 142                 <listitem><para>Get the DC name for the specified domain.
 143                 </para></listitem>
 144                 </varlistentry>
 145
 146                 <varlistentry>
 147                 <term>-G|--gid-to-sid gid</term>
 148                 <listitem><para>Try to convert a UNIX group id to a Windows
 149                 NT SID.  If the gid specified does not refer to one within
 150                 the idmap gid range then the operation will fail. </para></listitem>
 151                 </varlistentry>
 152
 153                 <varlistentry>
 154                 <term>-i|--user-info user</term>
 155                 <listitem><para>Get user info.
 156                 </para></listitem>
 157                 </varlistentry>
 158
 159                 <varlistentry>
 160                 <term>-I|--WINS-by-ip ip</term>
 161                 <listitem><para>The <parameter>-I</parameter> option
 162                 queries <citerefentry><refentrytitle>winbindd</refentrytitle>
 163                 <manvolnum>8</manvolnum></citerefentry> to send a node status
 164                 request to get the NetBIOS name associated with the IP address
 165                 specified by the <parameter>ip</parameter> parameter.
 166                 </para></listitem>
 167                 </varlistentry>
 168
 169                 <varlistentry>
 170                 <term>-K|--krb5auth username%password</term>
 171                 <listitem><para>Attempt to authenticate a user via Kerberos.
 172                 </para></listitem>
 173                 </varlistentry>
 174
 175                 <varlistentry>
 176                 <term>-m|--trusted-domains</term>
 177                 <listitem><para>Produce a list of domains trusted by the
 178                 Windows NT server <citerefentry><refentrytitle>winbindd</refentrytitle>
 179                 <manvolnum>8</manvolnum></citerefentry> contacts
 180                 when resolving names.  This list does not include the Windows
 181                 NT domain the server is a Primary Domain Controller for.
 182                 </para></listitem>
 183                 </varlistentry>
 184
 185                 <varlistentry>
 186                 <term>-n|--name-to-sid name</term>
 187                 <listitem><para>The <parameter>-n</parameter> option
 188                 queries <citerefentry><refentrytitle>winbindd</refentrytitle>
 189                 <manvolnum>8</manvolnum></citerefentry> for the SID
 190                 associated with the name specified. Domain names can be specified
 191                 before the user name by using the winbind separator character.
 192                 For example CWDOM1/Administrator refers to the Administrator
 193                 user in the domain CWDOM1.  If no domain is specified then the
 194                 domain used is the one specified in the <citerefentry><refentrytitle>smb.conf</refentrytitle>
 195                 <manvolnum>5</manvolnum></citerefentry> <parameter>workgroup
 196                 </parameter> parameter. </para></listitem>
 197                 </varlistentry>
 198
 199                 <varlistentry>
 200                 <term>-N|--WINS-by-name name</term>
 201                 <listitem><para>The <parameter>-N</parameter> option
 202                 queries <citerefentry><refentrytitle>winbindd</refentrytitle>
 203                 <manvolnum>8</manvolnum></citerefentry> to query the WINS
 204                 server for the IP address associated with the NetBIOS name
 205                 specified by the <parameter>name</parameter> parameter.
 206                 </para></listitem>
 207                 </varlistentry>
 208
 209                 <varlistentry>
 210                 <term>--own-domain</term>
 211                 <listitem><para>List own domain.
 212                 </para></listitem>
 213                 </varlistentry>
 214
 215                 <varlistentry>
 216                 <term>-p|--ping</term>
 217                 <listitem><para>Check whether winbindd is still alive.
 218                 Prints out either 'succeeded' or 'failed'.
 219                 </para></listitem>
 220                 </varlistentry>
 221
 222                 <varlistentry>
 223                 <term>-r|--user-groups username</term>
 224                 <listitem><para>Try to obtain the list of UNIX group ids
 225                 to which the user belongs.  This only works for users
 226                 defined on a Domain Controller.
 227                 </para></listitem>
 228                 </varlistentry>
 229
 230                 <varlistentry>
 231                 <term>-s|--sid-to-name sid</term>
 232                 <listitem><para>Use <parameter>-s</parameter> to resolve
 233                 a SID to a name.  This is the inverse of the <parameter>-n
 234                 </parameter> option above.  SIDs must be specified as ASCII strings
 235                 in the traditional Microsoft format. For example,
 236                 S-1-5-21-1455342024-3071081365-2475485837-500. </para></listitem>
 237                 </varlistentry>
 238
 239                 <varlistentry>
 240                 <term>--separator</term>
 241                 <listitem><para>Get the active winbind separator.
 242                 </para></listitem>
 243
 244                 </varlistentry>
 245                 <varlistentry>
 246                 <term>--sequence</term>
 247                 <listitem><para>Show sequence numbers of
 248                 all known domains</para></listitem>
 249                 </varlistentry>
 250
 251                 <varlistentry>
 252                 <term>--set-auth-user username%password</term>
 253                 <listitem><para>Store username and password used by winbindd
 254                 during session setup to a domain controller.  This enables
 255                 winbindd to operate in a Windows 2000 domain with Restrict
 256                 Anonymous turned on (a.k.a. Permissions compatible with
 257                 Windows 2000 servers only).
 258                 </para></listitem>
 259                 </varlistentry>
 260
 261                 <varlistentry>
 262                 <term>-S|--sid-to-uid sid</term>
 263                 <listitem><para>Convert a SID to a UNIX user id.  If the SID
 264                 does not correspond to a UNIX user mapped by <citerefentry>
 265                 <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum>
 266                 </citerefentry> then the operation will fail. </para></listitem>
 267                 </varlistentry>
 268
 269                 <varlistentry>
 270                 <term>-t|--check-secret</term>
 271                 <listitem><para>Verify that the workstation trust account
 272                 created when the Samba server is added to the Windows NT
 273                 domain is working. </para></listitem>
 274                 </varlistentry>
 275
 276                 <varlistentry>
 277                 <term>-u|--domain-users</term>
 278                 <listitem><para>This option will list all users available
 279                 in the Windows NT domain for which the <citerefentry><refentrytitle>winbindd</refentrytitle>
 280                 <manvolnum>8</manvolnum></citerefentry> daemon is operating in. Users in all trusted domains
 281                 will also be listed.  Note that this operation does not assign
 282                 user ids to any users that have not already been seen by <citerefentry>
 283                 <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
 284                 .</para></listitem>
 285                 </varlistentry>
 286
 287                 <varlistentry>
 288                 <term>--uid-info UID</term>
 289                 <listitem><para>Get user info for the user conencted to
 290                 user id UID.</para></listitem>
 291                 </varlistentry>
 292
 293                 <varlistentry>
 294                 <term>--user-domgroups SID</term>
 295                 <listitem><para>Get user domain groups.
 296                 </para></listitem>
 297                 </varlistentry>
 298
 299                 <varlistentry>
 300                 <term>--user-sids SID</term>
 301                 <listitem><para>Get user group SIDs for user.
 302                 </para></listitem>
 303                 </varlistentry>
 304
 305                 <varlistentry>
 306                 <term>-U|--uid-to-sid uid</term>
 307                 <listitem><para>Try to convert a UNIX user id to a Windows NT
 308                 SID.  If the uid specified does not refer to one within
 309                 the idmap uid range then the operation will fail. </para></listitem>
 310                 </varlistentry>
 311
 312                 <varlistentry>
 313                   <term>--verbose</term>
 314                   <listitem><para>
 315                       Print additional information about the query
 316                       results.
 317                   </para></listitem>
 318                 </varlistentry>
 319
 320                 <varlistentry>
 321                 <term>-Y|--sid-to-gid sid</term>
 322                 <listitem><para>Convert a SID to a UNIX group id.  If the SID
 323                 does not correspond to a UNIX group mapped by <citerefentry>
 324                 <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum></citerefentry> then
 325                 the operation will fail. </para></listitem>
 326                 </varlistentry>
 327
 328
 329                 &stdarg.version;
 330                 &stdarg.help;
 331
 332         </variablelist>
 333 </refsect1>
 334
 335
 336 <refsect1>
 337         <title>EXIT STATUS</title>
 338
 339         <para>The wbinfo program returns 0 if the operation
 340         succeeded, or 1 if the operation failed.  If the <citerefentry>
 341         <refentrytitle>winbindd</refentrytitle><manvolnum>8</manvolnum>
 342         </citerefentry> daemon is not working <command>wbinfo</command> will always return
 343         failure. </para>
 344 </refsect1>
 345
 346
 347 <refsect1>
 348         <title>VERSION</title>
 349
 350         <para>This man page is correct for version 3.0 of
 351         the Samba suite.</para>
 352 </refsect1>
 353
 354 <refsect1>
 355         <title>SEE ALSO</title>
 356         <para><citerefentry><refentrytitle>winbindd</refentrytitle>
 357         <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>ntlm_auth</refentrytitle>
 358         <manvolnum>1</manvolnum></citerefentry></para>
 359 </refsect1>
 360
 361 <refsect1>
 362         <title>AUTHOR</title>
 363
 364         <para>The original Samba software and related utilities
 365         were created by Andrew Tridgell. Samba is now developed
 366         by the Samba Team as an Open Source project similar
 367         to the way the Linux kernel is developed.</para>
 368
 369         <para><command>wbinfo</command> and <command>winbindd</command>
 370         were written by Tim Potter.</para>
 371
 372         <para>The conversion to DocBook for Samba 2.2 was done
 373         by Gerald Carter. The conversion to DocBook XML 4.2 for Samba
 374         3.0 was done by Alexander Bokovoy.</para>
 375 </refsect1>
 376
 377 </refentry>