HP CIFS Server Administrator's Guide (5900-1282, April 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

101

102

103

104

105

106

107

108

109

110

Table 15 Unsupported Parameters or Options

This string variable control how winbind retrieves name service information to

construct a user's home directory and login shell. Only the template option is

functional, the SFU option is not supported by HP CIFS Server. If set to

template, winbind constructs a user's home directory and login shell using the

parameters of template shell and templatehomedir. The default setting

is template

winbind nss info

This is a boolean variable. If set to yes, this parameter activates the support for

nested groups. Nested groups are also called local groups or aliases. Nested

groups are defined locally on any machine (they are shared between DC's

through their SAM) and can contain users and global groups from any trusted

SAM. To be able to use nested groups, you need to run nss_winbind. This

parameter is not yet supported by HP CIFS Server. You may consider to use net

groupmap. Refer to net groupmap help for detailed information.

winbind nested groups

A smb.conf Example

An example of smb.conf file is shown below:

[global]

workgroup = DomainA # Doamin name

security = domain or ADS

# Winbindd section

idmap uid = 50000-60000

idmap gid = 50000-60000

idmap backend =

winbind enum users = no

winbind enum groups = no

winbind use default domain = no

winbind cache time = 300

# winbind separator = \

template homedir = /home/%U

template shell = /sbin/sh

[shareA]

path = /tmp/shareA

guest ok = no

writable = yes

Configuring Name Service Switch

To use winbind support, you need to configure the Name Service Switch control

file,/etc/nsswitch.conf, to use winbind as the name services for user or group name lookup.

For example, you can set up the /etc/nsswitch.conf file as follows:

passwd: files winbind

group: files winbind

In this example, NSS first checks the files, /etc/passwd and /etc/group, and if no entry is

found, it checks winbind.

For detailed information on how to configure NSS, refer to switch(4) and "Configuring the

Name Service Switch" in NFS Services Administrator's Guide at:

http://docs.hp.com/hpux/netcom/

idmap Backend Support in Winbind

This section describe the idmap rid backend and LDAP backend for idmap support when using

winbind. Examples of configuration files for each backend are provided.

idmap Backend Support in Winbind 105