| commit | 3fdf8d15c05518aa08770583d4d0172b15a9b389 | |
| author | Volker Lendecke <vl@samba.org> | |
| Fri, 18 Nov 2022 10:36:28 +0000 (18 11:36 +0100) | ||
| committer | Ralph Boehme <slow@samba.org> | |
| Wed, 29 Mar 2023 17:55:50 +0000 (29 17:55 +0000) | ||
| tree | 6d2e1382ce7a0118e1fb9f15025e479fd3fe5f5c | treesnapshot (tar.gz zip) |
| parent | c9c709e39dd13680490338fd37caf095f17b70c8 | commitdiff |
idmap_ad: Add "deny ous" and "allow ous" options
With these options, certain OUs can be denied or a list of OUs can be
explicitly permitted for idmapping.
Use case: Administration of OUs in AD has been delegated to people not
100% trusted by the unix server team, this can prevent arbitrary unix
IDs to be assigned by these delegated admins.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
With these options, certain OUs can be denied or a list of OUs can be
explicitly permitted for idmapping.
Use case: Administration of OUs in AD has been delegated to people not
100% trusted by the unix server team, this can prevent arbitrary unix
IDs to be assigned by these delegated admins.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
| docs-xml/manpages/idmap_ad.8.xml | diffblobblamehistory | |
| source3/winbindd/idmap_ad.c | diffblobblamehistory |