Section A.2. Samba Daemons

A.2. Samba Daemons

The following sections provide information about the command-line parameters for smbd, nmbd, winbindd, and swat. Some options are shared by all four daemons:


Print usage information for the command.


Print a brief command usage description.

-d|--debuglevel debug_level

Set the debug (sometimes called logging) level. The level normally ranges from 0 to 10. Specifying the value on the command line overrides the value specified in the smb.conf file. Debug level 0 logs only the most important messages; level 1 is normal; levels 3 and above are primarily for debugging and can slow the daemon considerably.

-l|--log-basename log_directory

Send the log messages to somewhere other than the location compiled into the executable or specified in the smb.conf file. If the directory does not exist, Samba's compiled-in default will be used.

-s|--configfile configuration_file

Specify the location of the Samba configuration file, overriding any compile time default location.


Print the daemon's version information.

The following additional options are available only to smbd, nmbd, and winbindd:


Run smbd in the foreground (i.e., do not detach from the terminal). This option is primarily of use when running Samba under the daemontools services (


Run the binary interactively, rather than as a daemon. All debug messages are written to standard output, which can be very useful for quick debugging sessions. You can terminate the daemon by pressing CTRL+C.


Log all debug messages to standard output rather redirecting to a logfile. This option is frequently used in conjunction with the --foreground option and the daemontools service management tools.

The smbd program provides Samba's file, printer, and authentication services, using one daemon per TCP/IP stream, which usually equates to one smbd process per connected client. It is controlled by a configuration file named smb.conf, although certain settings can be overridden by command-line options.

The configuration file is automatically re-evaluated every three minutes. If it has changed (or if the list of included files has changed), most new options are immediately effective. You can force Samba to reload the configuration file immediately by either sending a HUP signal to a specific smbd process or by running smbcontrol smbd reload-config. Reloading the configuration file does not normally affect any clients that are already connected (unless of course the changes introduced a bad configuration).

Other signals

To shut down an smbd process, send it the termination signal SIGTERM (15), which allows it to die gracefully, instead of a SIGKILL (9).

Command synopsis

 smbd [options] 

Additional options


Display options and configure test results used to build smbd.


Run the smbd program as a daemon. This is the recommended way to use smbd. It is also the default action when smbd is run from an interactive command line. In addition, smbd can be run from inetd.

-p|--port port_number

Set the TCP/IP port number from which the server will accept requests. The default is to service TCP ports 139 for traffic over the NetBIOS session layer and 445 for SMB/CIFS traffic directly over TCP.

The nmbd program is Samba's NetBIOS name service and browsing daemon. It replies to NetBIOS over TCP/IP (also called NetBT or NBT) name-service requests broadcast from SMB clients, and optionally to Microsoft's Windows Internet Name Service (WINS) requests. Both are versions of the name-to-address lookup required by NetBIOS clients. The broadcast version uses UDP, broadcast on the local subnet only, while WINS uses TCP, which can be routed. If running as a WINS server, nmbd keeps a current name and address database in the file wins.dat stored in Samba's lock dircetory.

An active nmbd daemon also responds to browsing protocol requests used by the Windows My Network Places. This protocol provides a dynamic directory of servers, as well as the disks and printers that the servers are providing. If nmbd is acting as a local master browser, it stores the browsing database in the file browse.dat also stored in in Samba's lock directory.


Like smbd, the nmbd program responds to several Unix signals. Sending nmbd a SIGHUP signal causes it to dump the names it knows about to the namelist.debug file in its lock directory. To shut down an nmbd process and allow it to die gracefully, send it a SIGTERM (15) signal, rather than a SIGKILL (9).

Command synopsis

nmbd [options]

Additional options


Run the nmbd program as a daemon. This is the recommended way to use nmbd. It is also the default action when nmbd is run from an interactive command line. In addition, nmbd can be run from inetd.

-H|--hosts lmhosts_file

Specify the location of the lmhosts file for name resolution. This file is used only to resolve names for the local server, not to answer queries from remote systems.

-p|--port port_number

Set the UDP port number from which the server accepts requests. The default is to service the name service UDP port 137 and the NetBIOS datagran UDP port on 138.

The winbindd daemon is part of the Winbind service and is used to allow Unix systems to obtain user and group information from a Windows or Samba domain. Winbind maps Windows relative IDs (RIDs) to Unix uids and gids and allows domain accounts to be used for Unix authentication. Its purpose is to ease integration of Microsoft and Unix networks when a preexisting domain is set up to handle authentication and authorization responsibilities.

The daemon is accessed by users via the name service switch and PAM. Both services use Samba provided libraries to send requests to winbindd over Unix domain sockets. winbindd then communicates with domain controllers on behalf of the Unix programs.

Winbind is discussed extensively in Chapter 10.

Command synopsis

 winbindd [options] 

Additional options


Disable caching of domain user and group information. Under normal circumstances, account data is cached according the winbind cache time setting in smb.conf.

The Samba Web Administration Tool (SWAT) is used to configure a server's smb.conf file and to provide some basic user management features. It can be run only from inetd, as described in Chapter 2.



Disable authentication checks in SWAT. This flag should be used only when debugging new installations.


Restrict access to all pages in SWAT except the password change dialog box. This is useful as a browser-based password change application for users rather than running the smbpasswd command manually.

Using Samba
Using Samba: A File and Print Server for Linux, Unix & Mac OS X, 3rd Edition
ISBN: 0596007698
EAN: 2147483647
Year: 2004
Pages: 135 © 2008-2017.
If you may any questions please contact us: