HP CIFS Server Administrator's Guide Version A.03.01.04 (5900-2303), April 2012
Table 14 Global parameters (continued)
DescriptionParameter
cache to reduce the HP CIFS Server response time while enumerating user or
group list. To disable winbind caching for the user or group list entries, set this
parameter to No. The default setting is Yes.
You can also use the winbindd -n command to disable winbind caching when
you start the winbind daemon, this means winbindd always has to wait a
response from the Windows domain controller before it can respond to a client.
Either the winbindd -n command or winbind cache ug list = No
configuration disables winbind caching for the user or group list entries.
This boolean variable specifies whether the winbindd daemon operates on
users without domain component in their username. Users without a domain
winbind use default domain
component are treated as a part of the winbindd server's own domain. The
default setting is No.
This string variable specifies the winbind users a home directory. For example,
template homedir = /home/%U
template homedir
This string variable specifies the winbind users a login shell. For example,
template shell = /shin/ksh.
template shell
This parameter specifies the seconds in time that the winbindd(8) daemon
needs to wait before contacting a Domain controller for a domain that is down.
The default value for this parameter is set to winbind reconnect delay = 30.
winbind reconnect delay
This parameter controls the maximum depth of winbindd traverse when flattening
nested group memberships of Windows domain groups. The winbind expand
winbind expand groups
groups parameter is different from the winbind expand groups, which
applies to the membership of the domain groups.
NOTE: Setting a high value for the winbind expand groups parameter
can cause the system to slow down and thewinbindd daemon cannot answer
incoming NSS or authentication requests.
The default value for this parameter is set to winbind expand groups = 1.
If the value is set to yes, this parameter forces winbindd to use RPC instead
of LDAP to retrieve information from Domain controllers. The default value for
this parameter is set to winbind rpc only = no.
winbind rpc only
NOTE: If you want to use the default value "\" of the winbind separator parameter in
smb.conf, you should comment out this parameter. By doing this, the testparm and wbinfo
commands can show the correct default separator character "/" without generating an error.
Commenting out the winbind separator parameter with the default value, you must type the
default "\" separator character twice ("\\") when using the wbinfo -n command. For example,
wbinfo -n domain_name\\domain_username.
NOTE:
• The HP CIFS Server does not support the ad option for idmap backend.
• The idmap rid utility requires that the parameter, allow trusted domains = No, must
be specified, as it is not compatible with multiple domain environments. The idmap uid and
idmap gid ranges must also be specified.
Unsupported parameters or options
Table 7–2 shows the parameters or options which are not supported by the HP CIFS Server.
Table 15 Unsupported parameters or options
This string variable control how winbind retrieves name service information to
construct a user's home directory and login shell. Only the template option is
winbind nss info
functional, the SFU option is not supported by HP CIFS Server. If set to
Configuring HP CIFS Server with Winbind 105