[OpenIndiana-discuss] ActiveDirectory UID mapping (netatalk)

Gordon Ross gordon.w.ross at gmail.com
Thu Aug 16 22:12:25 UTC 2012


On Sun, Aug 12, 2012 at 6:51 PM, Jim Klimov <jimklimov at cos.ru> wrote:
> I might suggest an alternative solution, which may be an overkill for
> a single fileserver, but is rather widely employed in heterogenous
> shops: fire up a naming service (such as LDAP), and the fileserver
> would be its client. idmap mappings can be set up to map Windows
> users not to ephemeral IDs, but to statically defined individual
> POSIX UIDs from this LDAP service which can be used in ALCs, file
> ownerships, etc.   [...]

That's exactly what the "IDMU" feature of Active Directory gets you.
All you have to do is enable IDMU features in AD, setup the LDAP
client side (nss_ldap) so it talks to AD, and tell idmap to use IDMU.

-- 
Gordon Ross <gwr at nexenta.com>
Nexenta Systems, Inc.  www.nexenta.com
Enterprise class storage for everyone



More information about the OpenIndiana-discuss mailing list