2025-02-07 01:58:28 +03:00 · 2007-03-21 20:22:12 +00:00 · 2007-03-21 20:22:12 +00:00 · 7462399b5c
commit 7462399b5c
parent 17174aacb8
5 changed files with 60 additions and 29 deletions
--- a/docs/manpages-3/idmap_ldap.8.xml
+++ b/docs/manpages-3/idmap_ldap.8.xml
@ -104,17 +104,17 @@

 	<programlisting>
 	[global]
-	    idmap domain = default
-
-	    idmap config default:backend = ldap
-	    idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com
-	    idmap alloc backend:ldap_url = ldap://localhost/
-	    idmap config default:range   = 10000 - 50000
+	    idmap domain = ALLDOMAINS
+	    idmap config ALLDOMAINS:default      = yes
+	    idmap config ALLDOMAINS:backend      = ldap
+	    idmap config ALLDOMAINS:ldap_base_dn = ou=idmap,dc=example,dc=com
+	    idmap config ALLDOMAINS:ldap_url     = ldap://localhost/
+	    idmap config default:range           = 10000 - 50000

 	    idmap alloc backend = ldap
-	    idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com
-	    idmap alloc backend:ldap_url = ldap://master.example.com/
-	    idmap alloc config:range = 10000 - 50000
+	    idmap alloc config:ldap_base_dn = ou=idmap,dc=example,dc=com
+	    idmap alloc config:ldap_url     = ldap://master.example.com/
+	    idmap alloc config:range        = 10000 - 50000
 	</programlisting>
 </refsect1>

--- a/docs/manpages-3/idmap_tdb.8.xml
+++ b/docs/manpages-3/idmap_tdb.8.xml
@ -66,10 +66,10 @@

 	<programlisting>
 	[global]
-	    idmap domain = default
-
-	    idmap config default:backend = tdb
-	    idmap config default:range   = 10000 - 50000
+	    idmap domain = ALLDOMAINS
+	    idmap config ALLDOMAINS:default = yes
+	    idmap config ALLDOMAINS:backend = tdb
+	    idmap config ALLDOMAINS:range   = 10000 - 50000

 	    idmap alloc backend = tdb
 	    idmap alloc config:range = 10000 - 50000
--- a/docs/smbdotconf/winbind/idmapbackend.xml
+++ b/docs/smbdotconf/winbind/idmapbackend.xml
@ -24,7 +24,5 @@
 	</para>
 </description>

-<value type="default"></value>
-<value type="example">ldap:ldap://ldapslave.example.com/</value>
-<value type="example">ad</value>
+<value type="default">tdb</value>
 </samba:parameter>
--- a/docs/smbdotconf/winbind/idmapconfig.xml
+++ b/docs/smbdotconf/winbind/idmapconfig.xml
@ -8,24 +8,57 @@
 	The idmap config prefix provides a means of managing each domain 
 	defined by the <smbconfoption name="idmap domains"/> option using Samba's
 	parameteric option support.  The idmap config prefix should be 
-	followed by the name of the domain, a colon, and either the option
-	name &quot;backend&quot; or a setting specific to the chosen
-	backend.</para>
+	followed by the name of the domain, a colon, and a setting specific to 
+	the chosen backend.  There are three options available for all domains:
+	</para>
+	<variablelist>  
+		<varlistentry>
+		<term>backend = backend_name</term>
+		<listitem><para>
+			Specifies the name of the idmap plugin to use as the 
+			SID/uid/gid backend for this domain.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>default = [yes|no]</term>
+		<listitem><para>
+			The default domain/backend will be used for searching for 
+			users and groups not belonging to one of the explicitly
+			listed domains (matched by comparing the account SID and the 
+			domain SID).
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>readonly = [yes|no]</term>
+		<listitem><para>
+			Mark the domain as readonly which means that no attempts to
+			allocate a uid or gid (by the <smbconfoption name="idmap alloc 
+			backend"/>) for any user or group in that domain
+			will be attempted.
+		</para></listitem>
+		</varlistentry>
+	</variablelist>

 	<para>
 	The following example illustrates how to configure the <citerefentry>
 	<refentrytitle>idmap_ad</refentrytitle><manvolnum>8</manvolnum></citerefentry> 
 	for the CORP domain and the <citerefentry><refentrytitle>idmap_tdb</refentrytitle>
-	<manvolnum>8</manvolnum></citerefentry> backend for all other domains.
+	<manvolnum>8</manvolnum></citerefentry> backend for all other domains.  The 
+	TRUSTEDDOMAINS string is simply a key used to reference the &quot;idmap 
+	config&quot; settings and does not represent the actual name of a domain.
 	</para>

 	<programlisting>
-	idmap domains = CORP default 
-	idmap config CORP:backend = ad
-	idmap config CORP:read_only = yes
-	idmap config default:backend = tdb
-	idmap config default:default = yes
-	idmap config default:range   = 1000 - 9999
+	idmap domains = CORP TRUSTEDDOMAINS
+
+	idmap config CORP:backend  = ad
+	idmap config CORP:readonly = yes
+
+	idmap config TRUSTEDDOMAINS:backend = tdb
+	idmap config TRUSTEDDOMAINS:default = yes
+	idmap config TRUSTEDDOMAINS:range   = 1000 - 9999
 	</programlisting>
 	
 </description>
--- a/docs/smbdotconf/winbind/idmapdomains.xml
+++ b/docs/smbdotconf/winbind/idmapdomains.xml
@ -12,9 +12,9 @@
 	</para>

 	<para>
-	Values constist of the short domain name for Winbind's primary or collection
-	of trusted domains.  The keyword &quot;default&quot; is used to
-	represent all domains not explicitly listed.
+	Values consist of the short domain name for Winbind's primary or collection
+	of trusted domains.  You may also use an arbitrary string to represent a catchall
+	domain backend for any domain not explicitly listed.
 	</para>

 	<para>