source: branches/samba-3.3.x/docs/htmldocs/manpages/idmap_tdb2.8.html

Last change on this file was 411, checked in by Herwig Bauernfeind, 15 years ago

Update Samba 3.3.x to 3.3.11
File size: 3.7 KB
Line 
1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>idmap_tdb2</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="idmap_tdb2.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>idmap_tdb2 &#8212; Samba's idmap_tdb2 Backend for Winbind</p></div><div class="refsynopsisdiv"><h2>DESCRIPTION</h2><p>
2 The idmap_tdb2 plugin is a substitute for the default idmap_tdb
3 backend used by winbindd for storing SID/uid/gid mapping tables
4 in clustered environments with Samba and CTDB.
5 </p><p>
6 In contrast to read only backends like idmap_rid, it is an allocating
7 backend: This means that it needs to allocate new user and group IDs in
8 order to create new mappings. The allocator can be provided by the
9 idmap_tdb2 backend itself or by any other allocating backend like
10 idmap_tdb or idmap_ldap. This is configured with the
11 parameter <em class="parameter"><code>idmap alloc backend</code></em>.
12 </p><p>
13 Note that in order for this (or any other allocating) backend to
14 function at all, the default backend needs to be writeable.
15 The ranges used for uid and gid allocation are the default ranges
16 configured by "idmap uid" and "idmap gid".
17 </p><p>
18 Furthermore, since there is only one global allocating backend
19 responsible for all domains using writeable idmap backends,
20 any explicitly configured domain with idmap backend tdb2
21 should have the same range as the default range, since it needs
22 to use the global uid / gid allocator. See the example below.
23 </p></div><div class="refsect1" lang="en"><a name="id2522945"></a><h2>IDMAP OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">range = low - high</span></dt><dd><p>
24 Defines the available matching uid and gid range for which the
25 backend is authoritative.
26 If the parameter is absent, Winbind fails over to use
27 the "idmap uid" and "idmap gid" options
28 from smb.conf.
29 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2483338"></a><h2>IDMAP SCRIPT</h2><p>
30 The tdb2 idmap backend supports a script for performing id mappings
31 through the smb.conf option <em class="parameter"><code>idmap : script</code></em>.
32 The script should accept the following command line options.
33 </p><pre class="programlisting">
34 SIDTOID S-1-xxxx
35 IDTOSID UID xxxx
36 IDTOSID GID xxxx
37 </pre><p>
38 And it should return one of the following responses as a single line of
39 text.
40 </p><pre class="programlisting">
41 UID:yyyy
42 GID:yyyy
43 SID:yyyy
44 ERR:yyyy
45 </pre><p>
46 Note that the script should cover the complete range of SIDs
47 that can be passed in for SID to Unix ID mapping, since otherwise
48 SIDs unmapped by the script might get mapped to IDs that had
49 previously been mapped by the script.
50 </p></div><div class="refsect1" lang="en"><a name="id2483382"></a><h2>EXAMPLES</h2><p>
51 This example shows how tdb2 is used as a the default idmap backend.
52 It configures the idmap range through the global options for all
53 domains encountered. This same range is used for uid/gid allocation.
54 </p><pre class="programlisting">
55 [global]
56 idmap backend = tdb2
57 idmap uid = 1000000-2000000
58 idmap gid = 1000000-2000000
59 </pre></div><div class="refsect1" lang="en"><a name="id2483528"></a><h2>AUTHOR</h2><p>
60 The original Samba software and related utilities
61 were created by Andrew Tridgell. Samba is now developed
62 by the Samba Team as an Open Source project similar
63 to the way the Linux kernel is developed.
64 </p></div></div></body></html>
Note: See TracBrowser for help on using the repository browser.