--- /dev/null
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="idmap_adex.8">
+
+<refmeta>
+ <refentrytitle>idmap_adex</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="source">Samba</refmiscinfo>
+ <refmiscinfo class="manual">System Administration tools</refmiscinfo>
+ <refmiscinfo class="version">3.2</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+ <refname>idmap_adex</refname>
+ <refpurpose>Samba's idmap_adex Backend for Winbind</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <title>DESCRIPTION</title>
+ <para>
+ The idmap_adex plugin provides a way for Winbind to read
+ id mappings from an AD server that uses RFC2307 schema
+ extensions. This module implements both the idmap and nss_info
+ APIs and supports domain trustes as well as two-way cross
+ forest trusts. It is a read-only plugin requiring that the
+ administrator provide mappings in advance by adding the
+ POSIX attribute information to the users and groups objects
+ in AD. The most common means of doing this is using "Identity
+ Services for Unix" support on Windows 2003 R2 and later.
+ </para>
+
+ <para>
+ Note that you must add the uidNumber, gidNumber, and uid
+ attributes to the partial attribute set of the forest global
+ catalog servers. This can be done using the Active Directory Schema
+ Management MMC plugin (schmmgmt.dll).
+ </para>
+</refsynopsisdiv>
+
+<refsynopsisdiv>
+ <title>NSS_INFO</title>
+ <para>
+ The nss_info plugin supports reading the unixHomeDirectory,
+ gidNumber, loginShell, and uidNumber attributes from the user
+ object and the gidNumber attribute from the group object to
+ fill in information required by the libc getpwnam() and
+ getgrnam() family of functions. Group membership is filled in
+ according to the Windows group membership and not the
+ msSFU30PosixMember attribute.
+ </para>
+
+ <para>
+ Username aliases are implement by setting the uid attribute
+ on the user object. While group name aliases are implemented
+ by reading the displayname attribute from the group object.
+ </para>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>EXAMPLES</title>
+ <para>
+ The following example shows how to retrieve idmappings and NSS data
+ from our principal and trusted AD domains.
+ </para>
+
+ <programlisting>
+ [global]
+ idmap backend = adex
+ idmap uid = 1000-4000000000
+ idmap gid = 1000-4000000000
+
+ winbind nss info = adex
+ winbind normalize names = yes
+ </programlisting>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>
+ The original Samba software and related utilities
+ were created by Andrew Tridgell. Samba is now developed
+ by the Samba Team as an Open Source project similar
+ to the way the Linux kernel is developed.
+ </para>
+</refsect1>
+
+</refentry>
--- /dev/null
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="idmap_hash.8">
+
+<refmeta>
+ <refentrytitle>idmap_hash</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="source">Samba</refmiscinfo>
+ <refmiscinfo class="manual">System Administration tools</refmiscinfo>
+ <refmiscinfo class="version">3.2</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+ <refname>idmap_hash</refname>
+ <refpurpose>Samba's idmap_hash Backend for Winbind</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <title>DESCRIPTION</title>
+ <para>The idmap_hash plugin implements a hashing algorithm used
+ map SIDs for domain users and groups to a 31-bit uid and gid.
+ This plugin also implements the nss_info API and can be used
+ to support a local name mapping files if enabled via the
+ "winbind normlaize names" and "winbind nss info"
+ parameters in smb.conf.
+ </para>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>IDMAP OPTIONS</title>
+
+ <variablelist>
+ <varlistentry>
+ <term>name_map</term>
+ <listitem><para>
+ Specifies the absolute path to the name mapping
+ file used by the nss_info API. Entries in the file
+ are of the form "<replaceable>unix name</replaceable>
+ = <replaceable>qualified domain name</replaceable>"e;.
+ Mapping of both user and group names is supported.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+<refsect1>
+ <title>EXAMPLES</title>
+ <para>The following example utilizes the idmap_hash plugin for
+ the idmap and nss_info information.
+ </para>
+
+ <programlisting>
+ [global]
+ idmap backend = hash
+ idmap uid = 1000-4000000000
+ idmap gid = 1000-4000000000
+
+ winbind nss info = hash
+ winbind normalize names = yes
+ idmap_hash:name_map = /etc/samba/name_map.cfg
+ </programlisting>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>
+ The original Samba software and related utilities
+ were created by Andrew Tridgell. Samba is now developed
+ by the Samba Team as an Open Source project similar
+ to the way the Linux kernel is developed.
+ </para>
+</refsect1>
+
+</refentry>
git.samba.org / metze / samba / wip.git / commitdiff