Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

idmap_rid.8

Visit:

Last change on this file was 414, checked in by Herwig Bauernfeind, 15 years ago
Samba 3.5.0: Initial import
File size: 3.1 KB

Line
1	'\" t
2	.\" Title: idmap_rid
3	.\" Author: [see the "AUTHOR" section]
4	.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
5	.\" Date: 02/19/2010
6	.\" Manual: System Administration tools
7	.\" Source: Samba 3.5
8	.\" Language: English
9	.\"
10	.TH "IDMAP_RID" "8" "02/19/2010" "Samba 3\&.5" "System Administration tools"
11	.\" -----------------------------------------------------------------
12	.\" * set default formatting
13	.\" -----------------------------------------------------------------
14	.\" disable hyphenation
15	.nh
16	.\" disable justification (adjust text to left margin only)
17	.ad l
18	.\" -----------------------------------------------------------------
19	.\" * MAIN CONTENT STARTS HERE *
20	.\" -----------------------------------------------------------------
21	.SH "NAME"
22	idmap_rid \- Samba\'s idmap_rid Backend for Winbind
23	.SH "DESCRIPTION"
24	.PP
25	The idmap_rid backend provides a way to use an algorithmic mapping scheme to map UIDs/GIDs and SIDs\&. No database is required in this case as the mapping is deterministic\&.
26	.SH "IDMAP OPTIONS"
27	.PP
28	range = low \- high
29	.RS 4
30	Defines the available matching uid and gid range for which the backend is authoritative\&. Note that the range acts as a filter\&. If algorithmically determined UID or GID fall outside the range, they are ignored and the corresponding map is discarded\&. It is intended as a way to avoid accidental UID/GID overlaps between local and remotely defined IDs\&.
31	.RE
32	.PP
33	base_rid = INTEGER
34	.RS 4
35	Defines the base integer used to build SIDs out of a UID or a GID, and to rebase the UID or GID to be obtained from a SID\&. This means SIDs with a RID less than the base rid are filtered\&. The default is not to restrict the allowed rids at all, i\&.e\&. a base_rid value of 0\&. A good value for the base_rid can be 1000, since user RIDs by default start at 1000 (512 hexadecimal)\&.
36	.sp
37	Use of this parameter is deprecated\&.
38	.RE
39	.SH "THE MAPPING FORMULAS"
40	.PP
41	The Unix ID for a RID is calculated this way:
42	.sp
43	.if n \{\
44	.RS 4
45	.\}
46	.nf
47	ID = RID \- BASE_RID + LOW_RANGE_ID\&.
48
49	.fi
50	.if n \{\
51	.RE
52	.\}
53	.PP
54	Correspondingly, the formula for calculating the RID for a given Unix ID is this:
55	.sp
56	.if n \{\
57	.RS 4
58	.\}
59	.nf
60	RID = ID + BASE_RID \- LOW_RANGE_ID\&.
61
62	.fi
63	.if n \{\
64	.RE
65	.\}
66	.sp
67	.SH "EXAMPLES"
68	.PP
69	This example shows how to configure two domains with idmap_rid, the principal domain and a trusted domain, leaving the default id mapping scheme at tdb\&. The example also demonstrates the use of the base_rid parameter for the trusted domain\&.
70	.sp
71	.if n \{\
72	.RS 4
73	.\}
74	.nf
75	[global]
76	security = domain
77	workgroup = MAIN
78
79	idmap backend = tdb
80	idmap uid = 1000000\-1999999
81	idmap gid = 1000000\-1999999
82
83	idmap config MAIN : backend = rid
84	idmap config MAIN : range = 10000 \- 49999
85
86	idmap config TRUSTED : backend = rid
87	idmap config TRUSTED : range = 50000 \- 99999
88	idmap config TRUSTED : base_rid = 1000
89
90	.fi
91	.if n \{\
92	.RE
93	.\}
94	.SH "AUTHOR"
95	.PP
96	The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format