wbinfo

wbinfo [options]
wbinfo {-u|--users} [DOMAIN]
wbinfo {-g|--groups} [DOMAIN]
wbinfo {-i|--user-info USERNAME}
wbinfo {--uid-to-sid UID|--sid-to-uid SID}
wbinfo {--name-to-sid NAME|--sid-to-name SID}
wbinfo {-p|--ping}

-u, --users
    Lists all users known to Winbind, optionally for a specific domain.


-g, --groups
    Lists all groups known to Winbind, optionally for a specific domain.


-i USERNAME, --user-info USERNAME
    Retrieves detailed information (SID, UID, GID, home directory, etc.) for a specified user.


-D, --domains
    Lists all domains that Winbind is aware of, including trusted domains.


-p, --ping
    Checks if the Winbind daemon is running and responsive.


--uid-to-sid UID
    Converts a local Unix UID to its corresponding Windows SID.


--sid-to-uid SID
    Converts a Windows SID to its corresponding local Unix UID.


--name-to-sid NAME
    Converts a user or group name (e.g., DOMAIN\user) to its corresponding Windows SID.


--sid-to-name SID
    Converts a Windows SID to its corresponding user or group name.


-t, --trusts
    Displays a list of all domain trusts known to Winbind.


--online-status
    Reports the current online status of the Winbind daemon.


--sequence
    Retrieves the current sequence number of the Winbind cache, useful for checking cache freshness.


--separator CHAR
    Specifies the character used to separate fields in the output, overriding the default backslash.


-v, --verbose
    Increases the verbosity of the output, providing more detailed information.

wbinfo is a command-line utility used to query the Winbind daemon for information about users, groups, and trusts from a Windows domain, typically Active Directory. It's an integral part of the Samba suite, allowing Linux/Unix systems to integrate seamlessly into Windows environments.

wbinfo can retrieve lists of users and groups, resolve SIDs to UIDs/GIDs and vice versa, check domain trust relationships, and verify the status of the Winbind daemon itself. It's often used by system administrators for troubleshooting user authentication, group memberships, and name resolution issues in environments where Samba and Winbind are configured to provide Windows domain services. It provides a programmatic interface to the information Winbind caches or retrieves from domain controllers.

wbinfo relies on the winbindd daemon being properly configured and running. If winbindd is not running or misconfigured, wbinfo commands will fail or provide incorrect results. Information returned by wbinfo is often cached by Winbind, meaning it might not immediately reflect the latest changes on the domain controller. To force a cache refresh, administrators might need to restart winbindd or use specific net commands (e.g., net cache flush). For very large domains, listing all users or groups can generate a significant amount of output and consume resources.

wbinfo is invaluable for diagnosing issues related to user authentication, group membership, and name resolution in Samba/Winbind environments. By querying cached information or direct domain controller lookups, it helps verify Winbind's connectivity and data consistency.

Its simple, parseable output makes wbinfo suitable for use in shell scripts. Administrators often leverage wbinfo in scripts to automate tasks such as listing domain users, checking user existence, or mapping SIDs.

wbinfo is a component of the Samba suite, which began in 1992 as a free software implementation of the SMB/CIFS networking protocol. As Windows networks evolved, especially with the introduction of Active Directory, Samba adapted to provide robust integration. wbinfo emerged as a crucial utility alongside the Winbind daemon to facilitate seamless user and group management, authentication, and name resolution between Unix-like systems and Windows domains. Its development has mirrored the advancements in Samba's Active Directory integration capabilities, becoming an indispensable tool for cross-platform network administration.

smbclient(1), net(8), id(1), getent(1), samba(7), winbindd(8)