Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
IDMAP_TDB2(8)		  System Administration	tools		 IDMAP_TDB2(8)

NAME
       idmap_tdb2 - Samba's idmap_tdb2 Backend for Winbind

DESCRIPTION
       The idmap_tdb2 plugin is	a substitute for the default idmap_tdb backend
       used by winbindd	for storing SID/uid/gid	mapping	tables in clustered
       environments with Samba and CTDB.

       In contrast to read only	backends like idmap_rid, it is an allocating
       backend:	This means that	it needs to allocate new user and group	IDs in
       order to	create new mappings.

IDMAP OPTIONS
       range = low - high
	   Defines the available matching uid and gid range for	which the
	   backend is authoritative.

       script
	   This	option can be used to configure	an external program for
	   performing id mappings instead of using the tdb counter. The
	   mappings are	then stored int	tdb2 idmap database. For details see
	   the section on IDMAP	SCRIPT below.

IDMAP SCRIPT
       The tdb2	idmap backend supports an external program for performing id
       mappings	through	the smb.conf option idmap config * : script or its
       deprecated legacy form idmap : script.

       The mappings obtained by	the script are then stored in the idmap	tdb2
       database	instead	of mappings created by the incrementing	id counters.
       It is therefore important that the script covers	the complete range of
       SIDs that can be	passed in for SID to Unix ID mapping, since otherwise
       SIDs unmapped by	the script might get mapped to IDs that	had previously
       been mapped by the script.

       The script should accept	the following command line options.

		SIDTOID	S-1-xxxx
		IDTOSID	UID xxxx
		IDTOSID	GID xxxx

       And it should return one	of the following responses as a	single line of
       text.

		UID:yyyy
		GID:yyyy
		SID:yyyy
		ERR:yyyy

EXAMPLES
       This example shows how tdb2 is used as a	the default idmap backend.

		[global]
		idmap config * : backend = tdb2
		idmap config * : range = 1000000-2000000

       This example shows how tdb2 is used as a	the default idmap backend
       using an	external program via the script	parameter:

		[global]
		idmap config * : backend = tdb2
		idmap config * : range = 1000000-2000000
		idmap config * : script	= /usr/local/samba/bin/idmap_script.sh

AUTHOR
       The original Samba software and related utilities were created by
       Andrew Tridgell.	Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

Samba 4.6			  05/23/2017			 IDMAP_TDB2(8)

NAME | DESCRIPTION | IDMAP OPTIONS | IDMAP SCRIPT | EXAMPLES | AUTHOR

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=idmap_tdb2&sektion=8&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help