From 6a0e10e4dc7573b375d5720e62b932dbeb5ce76c Mon Sep 17 00:00:00 2001 From: "Gerald W. Carter" Date: Tue, 23 Sep 2008 11:43:05 -0700 Subject: [PATCH] Document the new hash and adex idmap/nss_info plugins. (cherry picked from commit 77bc0be0536bcd6a3ce8283a708828bebbbffee3) --- docs-xml/manpages-3/idmap_adex.8.xml | 89 ++++++++++++++++++++++++++++++++++++ docs-xml/manpages-3/idmap_hash.8.xml | 76 ++++++++++++++++++++++++++++++ 2 files changed, 165 insertions(+) create mode 100644 docs-xml/manpages-3/idmap_adex.8.xml create mode 100644 docs-xml/manpages-3/idmap_hash.8.xml diff --git a/docs-xml/manpages-3/idmap_adex.8.xml b/docs-xml/manpages-3/idmap_adex.8.xml new file mode 100644 index 00000000000..9eb2ff7d461 --- /dev/null +++ b/docs-xml/manpages-3/idmap_adex.8.xml @@ -0,0 +1,89 @@ + + + + + + idmap_adex + 8 + Samba + System Administration tools + 3.2 + + + + + idmap_adex + Samba's idmap_adex Backend for Winbind + + + + DESCRIPTION + + The idmap_adex plugin provides a way for Winbind to read + id mappings from an AD server that uses RFC2307 schema + extensions. This module implements both the idmap and nss_info + APIs and supports domain trustes as well as two-way cross + forest trusts. It is a read-only plugin requiring that the + administrator provide mappings in advance by adding the + POSIX attribute information to the users and groups objects + in AD. The most common means of doing this is using "Identity + Services for Unix" support on Windows 2003 R2 and later. + + + + Note that you must add the uidNumber, gidNumber, and uid + attributes to the partial attribute set of the forest global + catalog servers. This can be done using the Active Directory Schema + Management MMC plugin (schmmgmt.dll). + + + + + NSS_INFO + + The nss_info plugin supports reading the unixHomeDirectory, + gidNumber, loginShell, and uidNumber attributes from the user + object and the gidNumber attribute from the group object to + fill in information required by the libc getpwnam() and + getgrnam() family of functions. Group membership is filled in + according to the Windows group membership and not the + msSFU30PosixMember attribute. + + + + Username aliases are implement by setting the uid attribute + on the user object. While group name aliases are implemented + by reading the displayname attribute from the group object. + + + + + EXAMPLES + + The following example shows how to retrieve idmappings and NSS data + from our principal and trusted AD domains. + + + + [global] + idmap backend = adex + idmap uid = 1000-4000000000 + idmap gid = 1000-4000000000 + + winbind nss info = adex + winbind normalize names = yes + + + + + AUTHOR + + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + + + diff --git a/docs-xml/manpages-3/idmap_hash.8.xml b/docs-xml/manpages-3/idmap_hash.8.xml new file mode 100644 index 00000000000..8e452b3c895 --- /dev/null +++ b/docs-xml/manpages-3/idmap_hash.8.xml @@ -0,0 +1,76 @@ + + + + + + idmap_hash + 8 + Samba + System Administration tools + 3.2 + + + + + idmap_hash + Samba's idmap_hash Backend for Winbind + + + + DESCRIPTION + The idmap_hash plugin implements a hashing algorithm used + map SIDs for domain users and groups to a 31-bit uid and gid. + This plugin also implements the nss_info API and can be used + to support a local name mapping files if enabled via the + "winbind normlaize names" and "winbind nss info" + parameters in smb.conf. + + + + + IDMAP OPTIONS + + + + name_map + + Specifies the absolute path to the name mapping + file used by the nss_info API. Entries in the file + are of the form "unix name + = qualified domain name"e;. + Mapping of both user and group names is supported. + + + + + + + EXAMPLES + The following example utilizes the idmap_hash plugin for + the idmap and nss_info information. + + + + [global] + idmap backend = hash + idmap uid = 1000-4000000000 + idmap gid = 1000-4000000000 + + winbind nss info = hash + winbind normalize names = yes + idmap_hash:name_map = /etc/samba/name_map.cfg + + + + + AUTHOR + + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + + + -- 2.11.4.GIT