HP CIFS Server Administrator's Guide Version A.03.01.01 (5900-1282, May 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

101

102

103

104

105

106

107

108

109

110

Table 14 Global Parameters (continued)

DescriptionParameter

This string variable specifies the type of the idmap backend that is used. The

syntax can be:

idmap backend

• idmap backend =

This is the default where the local idmap tdb file is used.

• idmap backend = rid:<domain name>=<idmap_rid_range>

The ID mappings are generated by the idmap rid facility. For example, idmap

backend = rid:DomainA=50000–60000.

• idmap backend = ldap:ldap://<ldap server name>[:389]

The ID mapping data is stored in a common LDAP directory server backend.

For example, idmap backend = ldap:ldap://ldapserverA.hp.com.

This integer variable specifies the number of seconds the winbindd daemon

caches user and group information before querying a Windows NT server again.

The default value is 300.

winbind cache time

This boolean variable controls whether to enable or disable winbind caching

for the user or group list entries. When this parameter is set to Yes, the winbind

winbind cache ug list

daemon, winbindd, caches the user or group list entries into the winbindd

cache to reduce the HP CIFS Server response time while enumerating user or

group list. To disable winbind caching for the user or group list entries, set this

parameter to No. The default setting is Yes.

You can also use the winbindd -n command to disable winbind caching when

you start the winbind daemon, this means winbindd always has to wait a

response from the Windows domain controller before it can respond to a client.

Either the winbindd -n command or winbind cache ug list = No

configuration disables winbind caching for the user or group list entries.

This boolean variable specifies whether the winbindd daemon operates on

users without domain component in their username. Users without a domain

winbind use default domain

component are treated as a part of the winbindd server's own domain. The

default setting is No.

This string variable specifies the winbind users a home directory. For example,

template homedir = /home/%U

template homedir

This string variable specifies the winbind users a login shell. For example,

template shell = /shin/ksh.

template shell

This parameter specifies the time in seconds that the winbindd(8) daemon

must wait before contacting a Domain controller for a domain that is down. The

default value for this parameter is set to winbind reconnect delay = 30.

winbind reconnect delay

This parameter controls the maximum depth of winbindd traverse when flattening

nested group memberships of Windows domain groups. The winbind expand

winbind expand groups

groups parameter is different from the winbind expand groups, which

applies to the membership of the domain groups.

NOTE: Setting a high value for the winbind expand groups parameter

can cause the system to slow down and the winbindd daemon cannot answer

incoming NSS or authentication requests.

The default value for this parameter is set to winbind expand groups = 1.

If the value is set to yes, this parameter forces winbindd to use RPC instead

of LDAP to retrieve information from Domain controllers. The default value for

this parameter is set to winbind rpc only = no.

winbind rpc only

Configuring HP CIFS Server with Winbind 105