blob: 03ff02a486b91e09654ced9700b349742d40cef5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
<refentry id="idmap_hash.8">
<refmeta>
<refentrytitle>idmap_hash</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class="source">Samba</refmiscinfo>
<refmiscinfo class="manual">System Administration tools</refmiscinfo>
<refmiscinfo class="version">&doc.version;</refmiscinfo>
</refmeta>
<refnamediv>
<refname>idmap_hash</refname>
<refpurpose>DO NOT USE THIS BACKEND</refpurpose>
</refnamediv>
<refsynopsisdiv>
<title>DESCRIPTION</title>
<para>DO NOT USE THIS PLUGIN
The idmap_hash plugin implements a hashing algorithm used to map
SIDs for domain users and groups to 31-bit uids and gids, respectively.
This plugin also implements the nss_info API and can be used
to support a local name mapping files if enabled via the
"winbind normalize names" and "winbind nss info"
parameters in &smb.conf;.
The module divides the range into subranges for each domain that is being
handled by the idmap config.
The module needs the complete UID and GID range to be able to map all
SIDs. The lowest value for the range should be the smallest ID
available in the system. This is normally 1000. The highest ID should
be set to 2147483647.
A smaller range will lead to issues because of the hashing algorithm
used. The overall range to map all SIDs is 0 - 2147483647. Any range
smaller than 0 - 2147483647 will filter some SIDs. As we can normally
only start with 1000, we are not able to map 1000 SIDs. This already
can lead to issues. The smaller the range the less SIDs can be mapped.
We do not recommend to use this plugin. It will be removed in a future
release of Samba.
</para>
</refsynopsisdiv>
<refsect1>
<title>IDMAP OPTIONS</title>
<variablelist>
<varlistentry>
<term>name_map</term>
<listitem><para>
Specifies the absolute path to the name mapping
file used by the nss_info API. Entries in the file
are of the form "<replaceable>unix name</replaceable>
= <replaceable>qualified domain name</replaceable>".
Mapping of both user and group names is supported.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>EXAMPLES</title>
<para>The following example utilizes the idmap_hash plugin for
the idmap and nss_info information.
</para>
<programlisting>
[global]
idmap config * : backend = hash
idmap config * : range = 1000-2147483647
winbind nss info = hash
winbind normalize names = yes
idmap_hash:name_map = /etc/samba/name_map.cfg
</programlisting>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>
The original Samba software and related utilities
were created by Andrew Tridgell. Samba is now developed
by the Samba Team as an Open Source project similar
to the way the Linux kernel is developed.
</para>
</refsect1>
</refentry>
|
