docs: mention AD prerequirements for using idmap_ad

author Björn Jacke <bj@sernet.de>

Wed, 15 May 2013 13:52:25 +0000 (15:52 +0200)

committer Karolin Seeger <kseeger@samba.org>

Mon, 12 Aug 2013 07:09:44 +0000 (09:09 +0200)
author Björn Jacke <bj@sernet.de>
Wed, 15 May 2013 13:52:25 +0000 (15:52 +0200)
committer Karolin Seeger <kseeger@samba.org>
Mon, 12 Aug 2013 07:09:44 +0000 (09:09 +0200)
diff --git a/docs-xml/manpages-3/idmap_ad.8.xml b/docs-xml/manpages-3/idmap_ad.8.xml

index fbadaf2d55c70f2ce115e7d525917bd835af0d9b..2f7c0f11a95ed96238a3e315596222f552821e14 100644 (file)
--- a/docs-xml/manpages-3/idmap_ad.8.xml
+++ b/docs-xml/manpages-3/idmap_ad.8.xml
@@ -22,9 +22,12 @@
         id mappings from an AD server that uses RFC2307/SFU schema
         extensions. This module implements only the &quot;idmap&quot;
         API, and is READONLY. Mappings must be provided in advance
-       by the administrator by adding the posixAccount/posixGroup
-       classes and relative attribute/value pairs to the user and
-       group objects in the AD.</para>
+       by the administrator by adding the uidNumber attributes for
+       users and gidNumber attributes for groups in the AD. Winbind
+       will only map users that have a uidNumber and whose primary
+       group have a gidNumber attribute set. It is however
+       recommended that all groups in use have gidNumber attributes
+       assigned, otherwise they are not working.</para>
  
         <para>
         Note that the idmap_ad module has changed considerably since
author	Björn Jacke <bj@sernet.de>
	Wed, 15 May 2013 13:52:25 +0000 (15:52 +0200)
committer	Karolin Seeger <kseeger@samba.org>
	Mon, 12 Aug 2013 07:09:44 +0000 (09:09 +0200)