diff options
Diffstat (limited to 'docs/htmldocs/manpages/idmap_ldap.8.html')
| -rw-r--r-- | docs/htmldocs/manpages/idmap_ldap.8.html | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/docs/htmldocs/manpages/idmap_ldap.8.html b/docs/htmldocs/manpages/idmap_ldap.8.html deleted file mode 100644 index 19ada558a3..0000000000 --- a/docs/htmldocs/manpages/idmap_ldap.8.html +++ /dev/null @@ -1,67 +0,0 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>idmap_ldap</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" title="idmap_ldap"><a name="idmap_ldap.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>idmap_ldap — Samba's idmap_ldap Backend for Winbind</p></div><div class="refsynopsisdiv" title="DESCRIPTION"><h2>DESCRIPTION</h2><p>The idmap_ldap plugin provides a means for Winbind to - store and retrieve SID/uid/gid mapping tables in an LDAP directory - service. - </p><p> - In contrast to read only backends like idmap_rid, it is an allocating - backend: This means that it needs to allocate new user and group IDs in - order to create new mappings. - </p></div><div class="refsect1" title="IDMAP OPTIONS"><a name="id266343"></a><h2>IDMAP OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">ldap_base_dn = DN</span></dt><dd><p> - Defines the directory base suffix to use for - SID/uid/gid mapping entries. If not defined, idmap_ldap will default - to using the "ldap idmap suffix" option from smb.conf. - </p></dd><dt><span class="term">ldap_user_dn = DN</span></dt><dd><p> - Defines the user DN to be used for authentication. - The secret for authenticating this user should be - stored with net idmap secret - (see <a class="citerefentry" href="net.8.html"><span class="citerefentry"><span class="refentrytitle">net</span>(8)</span></a>). - If absent, the ldap credentials from the ldap passdb configuration - are used, and if these are also absent, an anonymous - bind will be performed as last fallback. - </p></dd><dt><span class="term">ldap_url = ldap://server/</span></dt><dd><p> - Specifies the LDAP server to use for - SID/uid/gid map entries. If not defined, idmap_ldap will - assume that ldap://localhost/ should be used. - </p></dd><dt><span class="term">range = low - high</span></dt><dd><p> - Defines the available matching uid and gid range for which the - backend is authoritative. - </p></dd></dl></div></div><div class="refsect1" title="EXAMPLES"><a name="id266868"></a><h2>EXAMPLES</h2><p> - The following example shows how an ldap directory is used as the - default idmap backend. It also configures the idmap range and base - directory suffix. The secret for the ldap_user_dn has to be set with - "net idmap secret '*' password". - </p><pre class="programlisting"> - [global] - idmap config * : backend = ldap - idmap config * : range = 1000000-1999999 - idmap config * : ldap_url = ldap://localhost/ - idmap config * : ldap_base_dn = ou=idmap,dc=example,dc=com - idmap config * : ldap_user_dn = cn=idmap_admin,dc=example,dc=com - </pre><p> - This example shows how ldap can be used as a readonly backend while - tdb is the default backend used to store the mappings. - It adds an explicit configuration for some domain DOM1, that - uses the ldap idmap backend. Note that a range disjoint from the - default range is used. - </p><pre class="programlisting"> - [global] - # "backend = tdb" is redundant here since it is the default - idmap config * : backend = tdb - idmap config * : range = 1000000-1999999 - - idmap config DOM1 : backend = ldap - idmap config DOM1 : range = 2000000-2999999 - idmap config DOM1 : read only = yes - idmap config DOM1 : ldap_url = ldap://server/ - idmap config DOM1 : ldap_base_dn = ou=idmap,dc=dom1,dc=example,dc=com - idmap config DOM1 : ldap_user_dn = cn=idmap_admin,dc=dom1,dc=example,dc=com - </pre></div><div class="refsynopsisdiv" title="NOTE"><h2>NOTE</h2><p>In order to use authentication against ldap servers you may - need to provide a DN and a password. To avoid exposing the password - in plain text in the configuration file we store it into a security - store. The "net idmap " command is used to store a secret - for the DN specified in a specific idmap domain. - </p></div><div class="refsect1" title="AUTHOR"><a name="id265711"></a><h2>AUTHOR</h2><p> - The original Samba software and related utilities - were created by Andrew Tridgell. Samba is now developed - by the Samba Team as an Open Source project similar - to the way the Linux kernel is developed. - </p></div></div></body></html> |