1WBINFO(1) User Commands WBINFO(1)
2
6 wbinfo - Query information from winbind daemon
7
9 wbinfo [-a user%password] [--all-domains] [--allocate-gid]
10 [--allocate-uid] [-c] [--ccache-save] [--change-user-password]
11 [-D domain] [--domain domain] [--dsgetdcname domain] [-g]
12 [--getdcname domain] [--get-auth-user] [-G gid] [--gid-info]
13 [--group-info] [--help|-?] [-i user] [-I ip] [-K user%password]
14 [--lanman] [-m] [-n name] [-N netbios-name] [--ntlmv2]
15 [--online-status] [--own-domain] [-p] [-P|--ping-dc] [-r user]
16 [-R|--lookup-rids] [--remove-uid-mapping uid,sid]
17 [--remove-gid-mapping gid,sid] [-s sid] [--separator] [--sequence]
18 [--set-auth-user user%password] [--set-uid-mapping uid,sid]
19 [--set-gid-mapping gid,sid] [-S sid] [--sid-aliases]
20 [--sid-to-fullname] [-t] [-u] [--uid-info uid] [--usage]
21 [--user-domgroups sid] [--user-sids sid] [-U uid] [-V] [--verbose]
22 [-Y sid]
23
25 This tool is part of the samba(7) suite.
26 The wbinfo program queries and returns information created and used by
28 the winbindd(8) daemon.
29 The winbindd(8) daemon must be configured and running for the wbinfo
31 program to be able to return information.
32
34 -a|--authenticate username%password
35 Attempt to authenticate a user via winbindd(8). This checks both
36 authentication methods and reports its results.
37 Note
39 Do not be tempted to use this functionality for authentication
40 in third-party applications. Instead use ntlm_auth(1).
41 --allocate-gid
43 Get a new GID out of idmap
44 --allocate-uid
46 Get a new UID out of idmap
47 --all-domains
49 List all domains (trusted and own domain).
50 -c|--change-secret
52 Change the trust account password. May be used in conjunction with
53 domain in order to change interdomain trust account passwords.
54 --ccache-save username%password
56 Store user and password for ccache.
57 --change-user-password username
59 Change the password of a user. The old and new password will be
60 prompted.
61 --domain name
63 This parameter sets the domain on which any specified operations
64 will performed. If special domain name ´.´ is used to represent the
65 current domain to which winbindd(8) belongs. Currently only the
66 --sequence, -u, and -g options honor this parameter.
67 -D|--domain-info domain
69 Show most of the info we have about the specified domain.
70 --dsgetdcname domain
72 Find a DC for a domain.
73 --gid-info gid
75 Get group info from gid.
76 --group-info user
78 Get group info for user.
79 -g|--domain-groups
81 This option will list all groups available in the Windows NT domain
82 for which the samba(7) daemon is operating in. Groups in all
83 trusted domains will also be listed. Note that this operation does
84 not assign group ids to any groups that have not already been seen
85 by winbindd(8).
86 --get-auth-user
88 Print username and password used by winbindd(8) during session
89 setup to a domain controller. Username and password can be set
90 using --set-auth-user. Only available for root.
91 --getdcname domain
93 Get the DC name for the specified domain.
94 -G|--gid-to-sid gid
96 Try to convert a UNIX group id to a Windows NT SID. If the gid
97 specified does not refer to one within the idmap gid range then the
98 operation will fail.
99 -?
101 Print brief help overview.
102 -i|--user-info user
104 Get user info.
105 -I|--WINS-by-ip ip
107 The -I option queries winbindd(8) to send a node status request to
108 get the NetBIOS name associated with the IP address specified by
109 the ip parameter.
110 -K|--krb5auth username%password
112 Attempt to authenticate a user via Kerberos.
113 --lanman
115 Use lanman cryptography for user authentication.
116 -m|--trusted-domains
118 Produce a list of domains trusted by the Windows NT server
119 winbindd(8) contacts when resolving names. This list does not
120 include the Windows NT domain the server is a Primary Domain
121 Controller for.
122 -n|--name-to-sid name
124 The -n option queries winbindd(8) for the SID associated with the
125 name specified. Domain names can be specified before the user name
126 by using the winbind separator character. For example
127 CWDOM1/Administrator refers to the Administrator user in the domain
128 CWDOM1. If no domain is specified then the domain used is the one
129 specified in the smb.conf(5) workgroup parameter.
130 -N|--WINS-by-name name
132 The -N option queries winbindd(8) to query the WINS server for the
133 IP address associated with the NetBIOS name specified by the name
134 parameter.
135 --ntlmv2
137 Use NTLMv2 cryptography for user authentication.
138 --online-status domain
140 Show whether domains are marked as online or offline. An optional
141 domain argument limits the output to the online status of a given
142 domain.
143 --own-domain
145 List own domain.
146 -p|--ping
148 Check whether winbindd(8) is still alive. Prints out either
149 ´succeeded´ or ´failed´.
150 -r|--user-groups username
152 Try to obtain the list of UNIX group ids to which the user belongs.
153 This only works for users defined on a Domain Controller.
154 -R|--lookup-rids rid1, rid2, rid3...
156 Converts RIDs to names. Uses a comma separated list of rids.
157 -s|--sid-to-name sid
159 Use -s to resolve a SID to a name. This is the inverse of the -n
160 option above. SIDs must be specified as ASCII strings in the
161 traditional Microsoft format. For example,
162 S-1-5-21-1455342024-3071081365-2475485837-500.
163 --separator
165 Get the active winbind separator.
166 --sequence
168 Show sequence numbers of all known domains.
169 --set-auth-user username%password
171 Store username and password used by winbindd(8) during session
172 setup to a domain controller. This enables winbindd to operate in a
173 Windows 2000 domain with Restrict Anonymous turned on (a.k.a.
174 Permissions compatible with Windows 2000 servers only).
175 -S|--sid-to-uid sid
177 Convert a SID to a UNIX user id. If the SID does not correspond to
178 a UNIX user mapped by winbindd(8) then the operation will fail.
179 --sid-aliases sid
181 Get SID aliases for a given SID.
182 --sid-to-fullname sid
184 Converts a SID to a full username (DOMAIN\username).
185 -t|--check-secret
187 Verify that the workstation trust account created when the Samba
188 server is added to the Windows NT domain is working. May be used in
189 conjunction with domain in order to verify interdomain trust
190 accounts.
191 -u|--domain-users
193 This option will list all users available in the Windows NT domain
194 for which the winbindd(8) daemon is operating in. Users in all
195 trusted domains will also be listed. Note that this operation does
196 not assign user ids to any users that have not already been seen by
197 winbindd(8) .
198 --uid-info uid
200 Get user info for the user connected to user id UID.
201 --usage
203 Print brief help overview.
204 --user-domgroups sid
206 Get user domain groups.
207 --user-sids sid
209 Get user group SIDs for user.
210 -U|--uid-to-sid uid
212 Try to convert a UNIX user id to a Windows NT SID. If the uid
213 specified does not refer to one within the idmap uid range then the
214 operation will fail.
215 --verbose
217 Print additional information about the query results.
218 -Y|--sid-to-gid sid
220 Convert a SID to a UNIX group id. If the SID does not correspond to
221 a UNIX group mapped by winbindd(8) then the operation will fail.
222 --remove-uid-mapping uid,sid
224 Remove an existing uid to sid mapping entry from the IDmap backend.
225 --remove-gid-mapping gid,sid
227 Remove an existing gid to sid mapping entry from the IDmap backend.
228 --set-uid-mapping uid,sid
230 Create a new or modify an existing uid to sid mapping in the IDmap
231 backend.
232 --set-gid-mapping gid,sid
234 Create a new or modify an existing gid to sid mapping in the IDmap
235 backend.
236 -V|--version
238 Prints the program version number.
239 -h|--help
241 Print a summary of command line options.
242
244 The wbinfo program returns 0 if the operation succeeded, or 1 if the
245 operation failed. If the winbindd(8) daemon is not working wbinfo will
246 always return failure.
247
249 This man page is correct for version 3 of the Samba suite.
250
252 winbindd(8) and ntlm_auth(1)
253
255 The original Samba software and related utilities were created by
256 Andrew Tridgell. Samba is now developed by the Samba Team as an Open
257 Source project similar to the way the Linux kernel is developed.
258 wbinfo and winbindd were written by Tim Potter.
260 The conversion to DocBook for Samba 2.2 was done by Gerald Carter. The
262 conversion to DocBook XML 4.2 for Samba 3.0 was done by Alexander
263 Bokovoy.
264Samba 3.5 08/02/2011 WBINFO(1)