Using adbindproxy.pl

This section describes the options available for the adbindproxy command-line tool. The adbindproxy.pl utility is used to configure Samba and Authentication Service to work together and provides specific functions, such as exporting UIDs and GIDs, creating symbolic links to Samba binaries and libraries, and restoring backed-up Samba files.

For step-by-step instructions about running adbindproxy.pl to configure Samba and the Authentication Service to work together, see Running the adbindproxy.pl Script.

Synopsis

adbindproxy.pl [--help] [--info] [--restore] [--unconfig] [--adjoinExtraOptions] [--adleaveExtraOptions] [--version] [--verbose]
adbindproxy.pl [--export] [--groupFile filename] [--userFile filename] [--tdbfile filename]
adbindproxy.pl [--record] [--responseFile filename]
adbindproxy.pl [--nonInteractive] [--responseFile filename]
adbindproxy.pl [--service start|stop|restart|status]

adbindroxy.pl Options

You can use the following options with this command:

Use this option	To Do This
`-c --test filename`	Generate a test target Samba configuration file. With this option, the script generates a target Samba configuration file with the filename for review. This option is a review option and does not change any configuration or make any changes.
`-E`, `--export`	Export user IDs (UIDs) and group IDs (GIDs) that are stored in Samba’s winbindd_idmap.tdb file. Use the`--groupFile` and `--userFile` options to specify the export files for the GIDs and UIDs. Use the `--tdbfile` option to specify the .tdb file that contains the GIDs and UIDs. After export, you can use the Access Manager Console to import the users and groups with their existing UID and GID mappings into a zone.
`-f`, `--responseFile filename`	The filename specifies the response file for recording with the -x option or for non-interactive mode with the -n option. If you don't specify a filename, the default is `/var/centrify/samba/adbindproxy.pl.rsp`.
`-g`, `--groupFile filename`	Specify the file in which to write the Samba-created Active Directory group to GID mappings. Use this option with the export option. By default, the file is: `/etc/group`
`-h`, `--help`	Display the adbindproxy.pl usage information.
`-i, --info`	Display Samba interoperability information.
`-j, --adjoinExtraOptions adjoinoptions`	The `adjoinoptions` are the additional options to be used for the adjoin command. Do not specify the domain or the following options with adjoinExtraOptions, because they're already handled in the response file: -u / --user -c / --container -V / --verbose `-n` / `--name` `-s` / `--server` `-T` / `--trust` `-k` / `--des` `adjoinoptions`0 / `adjoinoptions`1 `adjoinoptions`2 / `adjoinoptions`3
`-l`, `--adleaveExtraOptions adleaveoptions`	The `adleaveoptions` are the additional options to be used for the adleave command. Do not specify the domain or the following options with adleaveExtraOptions, because they're already handled in the response file: `-u` / `--user` `-f` / `--force`
`-n`, `--nonInteractive`	Run adbindproxy.pl in non-interactive mode using the response file. It is recommended to have the machine joined to the Active Directory domain before running this script in non-interactive mode. Otherwise, adbindproxy.pl needs to obtain the Active Directory authorized user password from the command line with the `-j/-l` option, or interactively from the terminal. WARNING: Typing the password in the command line NOT secure, do NOT do that unless you know what you are doing.
`-r`, `--restore`	Restore files backed up from the first time you configured Samba for interoperability with the Authentication Service. Typically, you run adbindproxy.pl with the `restore` option to restore Samba files before uninstalling the integration components that were provided in adbindproxy.
`-S`, `--symbol`	Force the creation of symbolic links to Server Suite for Samba binaries and libraries without asking for confirmation.
`--s`, `--service <start\|stop\|restart\|status>`	Control the `CentrifyDC` Samba service. If you haven't configured the `CentrifyDC` Samba service yet, this option has no effect. If you specify `--service status`, there will be a return value of 0 if the service is running and a return value of 1 if the service isn't running.
`-T`, `--noTestShare`	Specify to not create the test folder "/samba-test" and not add the "samba-test" share when updating the smb.conf file.
`-t`, `--tdbFile filename`	Specify the location of the `winbindd_idmap.tdb` file that contains Samba UID and GID information. This option is used during the UID and GID export process. If you omit this option, the default file to export from is: `/var/lib/samba/winbindd_idmap.tdb`
`-u`, `--userFile filename`	Specify the file in which to write Samba-created Active Directory user to UID mappings. Use this option with the `-exports` option. By default, the file is `/etc/passwd`.
`-v`, `--version`	Display version information for the installed software.
`-V`, `--verbose`	Display detailed information for each operation.
`-x`, `--record`	Record the user input into the response file which can be used later in non-interactive mode.

Examples

To display basic information about the configuration of the Samba integration and interoperability with authentication service and Active Directory, you could type a command line similar to the following:

adbindproxy.pl --info

This command displays information similar to the following (where v.v.v is the Server Suite version number and s.s.s is the Samba number):

The Samba base path is: /usr 
CentrifyDC version = CentrifyDC v.v.v 
CentrifyDC Architecture = 64-bit 
CentrifyDC Realm = ARCADE.NET 
CentrifyDC NTLM Domain = ARCADE 
CentrifyDC Host = magnolia.arcade.net 
CentrifyDC Short Host = magnolia 
 
Samba Version = s.s.s 
Samba Architecture = 64-bit 
Samba Realm = ARCADE.NET 
Samba NetBIOS Name = MAGNOLIA 
 
Samba Version Supported = yes 
Samba and CDC in same Realm = yes 
Samba and CDC share machine account = yes 
Password sync using libtdb = <not specified>

To export existing Samba GID and UID information that you want to import into a Server Suite Zone, and to show details about the operation performed, type a command line similar to the following:

adbindproxy.pl --export --verbose

This command displays information similar to the following:

The existing UID mappings have been exported to 
/var/centrify/samba/passwd.

The existing GID mappings have been exported to 
/var/centrify/samba/group.

To record the user input to a response file:

# adbindproxy.pl -x

To run adbindproxy.pl in non-interactive mode with the response file that was generated previously at the default location:

# adbindproxy.pl -n