Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

idmapd(1m) [opensolaris man page]

idmapd(1M)						  System Administration Commands						idmapd(1M)

NAME
idmapd - Native Identity Mapping service daemon SYNOPSIS
/usr/lib/idmapd DESCRIPTION
The idmapd daemon maps Windows Security Identifiers (SIDs) to POSIX Identifiers (UIDs/GIDs) and conversely. The idmap(1M) utility provides a front end to the idmapd daemon. FILES
/var/idmap/idmap.db Database in which to store local name-based ID mapping rules. The contents of the database are private. The database should not be accessed or modified directly. /var/run/idmap/idmap.db Database in which to cache ID mappings that are generated by ephemeral ID mapping and by name-based mapping. The contents of the data- base are private. The database should not be accessed or modified directly. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsu | +-----------------------------+-----------------------------+ |Interface Stability |See below. | +-----------------------------+-----------------------------+ Interface stability for these components is as follows: svc:/system/idmap Committed /var/idmap/idmap.db Project Private /var/run/idmap/idmap.db Project Private SEE ALSO
svcs(1), idmap(1M), svcadm(1M), svccfg(1M), defaultdomain(4), attributes(5), smf(5) NOTES
The idmapd service is managed by the service management facility (SMF). The service identifier for the idmapd service is svc:/system/idmap. Use the svcadm command to perform administrative actions on this service, such as enabling, disabling, or restarting the service. These actions require the solaris.smf.manage.idmap authorization. Use the svcs command to query the service's status. The functionality of this daemon might change in a future release of the Solaris operating system. SunOS 5.11 5 June 2007 idmapd(1M)

Check Out this Related Man Page

IDMAP_TDB(8)                                                System Administration tools                                               IDMAP_TDB(8)

NAME
idmap_tdb - Samba's idmap_tdb Backend for Winbind DESCRIPTION
The idmap_tdb plugin is the default backend used by winbindd for storing SID/uid/gid mapping tables. In contrast to read only backends like idmap_rid, it is an allocating backend: This means that it needs to allocate new user and group IDs in order to create new mappings. The allocator can be provided by the idmap_tdb backend itself or by any other allocating backend like idmap_ldap or idmap_tdb2. This is configured with the parameter idmap alloc backend. Note that in order for this (or any other allocating) backend to function at all, the default backend needs to be writeable. The ranges used for uid and gid allocation are the default ranges configured by "idmap uid" and "idmap gid". Furthermore, since there is only one global allocating backend responsible for all domains using writeable idmap backends, any explicitly configured domain with idmap backend tdb should have the same range as the default range, since it needs to use the global uid / gid allocator. See the example below. IDMAP OPTIONS
range = low - high Defines the available matching uid and gid range for which the backend is authoritative. If the parameter is absent, Winbind fails over to use the "idmap uid" and "idmap gid" options from smb.conf. EXAMPLES
This example shows how tdb is used as a the default idmap backend. It configures the idmap range through the global options for all domains encountered. This same range is used for uid/gid allocation. [global] # "idmap backend = tdb" is redundant here since it is the default idmap backend = tdb idmap uid = 1000000-2000000 idmap gid = 1000000-2000000 This (rather theoretical) example shows how tdb can be used as the allocating backend while ldap is the default backend used to store the mappings. It adds an explicit configuration for some domain DOM1, that uses the tdb idmap backend. Note that the same range as the default uid/gid range is used, since the allocator has to serve both the default backend and the explicitly configured domain DOM1. [global] idmap backend = ldap idmap uid = 1000000-2000000 idmap gid = 1000000-2000000 # use a different uid/gid allocator: idmap alloc backend = tdb idmap config DOM1 : backend = tdb idmap config DOM1 : range = 1000000-2000000 AUTHOR
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed. Samba 3.5 06/18/2010 IDMAP_TDB(8)
Man Page