mirror of
https://github.com/samba-team/samba.git
synced 2025-01-07 17:18:11 +03:00
29 lines
1.3 KiB
XML
29 lines
1.3 KiB
XML
<samba:parameter name="idmap backend"
|
|
context="G"
|
|
type="string"
|
|
advanced="1" developer="1" hide="1"
|
|
xmlns:samba="http://samba.org/common">
|
|
<description>
|
|
<para>
|
|
The purpose of the idmap backend parameter is to allow idmap to NOT use the local idmap
|
|
tdb file to obtain SID to UID / GID mappings, but instead to obtain them from a common
|
|
LDAP backend. This way all domain members and controllers will have the same UID and GID
|
|
to SID mappings. This avoids the risk of UID / GID inconsistencies across UNIX / Linux
|
|
systems that are sharing information over protocols other than SMB/CIFS (ie: NFS).
|
|
</para>
|
|
|
|
<para>
|
|
An alternate method of SID to UID / GID mapping can be achieved using the idmap_rid
|
|
plug-in. This plug-in uses the account RID to derive the UID and GID by adding the
|
|
RID to a base value specified. This utility requires that the parameter
|
|
<quote>allow trusted domains = No</quote> must be specified, as it is not compatible
|
|
with multiple domain environments. The idmap uid and idmap gid ranges must also be
|
|
specified.
|
|
</para>
|
|
</description>
|
|
|
|
<value type="default"></value>
|
|
<value type="example">ldap:ldap://ldapslave.example.com</value>
|
|
<value type="example">idmap_rid:DOMNAME=1000-100000000</value>
|
|
</samba:parameter>
|