From 6fe9013ae23927a67fa6b6033e2711cef99b3533 Mon Sep 17 00:00:00 2001
From: bubulle <bubulle@alioth.debian.org>
Date: Tue, 7 Jun 2011 20:08:36 +0000
Subject: Load samba-3.6.0rc2 into branches/samba/upstream.

git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream@3807 fc4039ab-9d04-0410-8cac-899223bdd6b0
---
 docs/htmldocs/manpages/idmap_ad.8.html | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

(limited to 'docs/htmldocs/manpages/idmap_ad.8.html')

diff --git a/docs/htmldocs/manpages/idmap_ad.8.html b/docs/htmldocs/manpages/idmap_ad.8.html
index 1852880ad2..8f55b4d81f 100644
--- a/docs/htmldocs/manpages/idmap_ad.8.html
+++ b/docs/htmldocs/manpages/idmap_ad.8.html
@@ -1,10 +1,25 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>idmap_ad</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="idmap_ad.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>idmap_ad &#8212; Samba's idmap_ad Backend for Winbind</p></div><div class="refsynopsisdiv"><h2>DESCRIPTION</h2><p>The idmap_ad plugin provides a way for Winbind to read
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>idmap_ad</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" title="idmap_ad"><a name="idmap_ad.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>idmap_ad &#8212; Samba's idmap_ad Backend for Winbind</p></div><div class="refsynopsisdiv" title="DESCRIPTION"><h2>DESCRIPTION</h2><p>The idmap_ad plugin provides a way for Winbind to read
 	id mappings from an AD server that uses RFC2307/SFU schema
 	extensions. This module implements only the "idmap"
 	API, and is READONLY. Mappings must be provided in advance
 	by the administrator by adding the posixAccount/posixGroup
 	classes and relative attribute/value pairs to the user and
-	group objects in the AD.</p></div><div class="refsect1" lang="en"><a name="id2522913"></a><h2>IDMAP OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">range = low - high</span></dt><dd><p>
+	group objects in the AD.</p><p>
+	Note that the idmap_ad module has changed considerably since
+	Samba versions 3.0 and 3.2.
+	Currently, the <em class="parameter"><code>ad</code></em> backend
+	does not work as the the default idmap backend, but one has
+	to configure it separately for each domain for which one wants
+	to use it, using disjoint ranges. One usually needs to configure
+	a writeable default idmap range, using for example the
+	<em class="parameter"><code>tdb</code></em> or <em class="parameter"><code>ldap</code></em>)
+	backend, in order to be able to map the BUILTIN sids and
+	possibly other trusted domains. The writeable default config
+	is also needed in order to be able to create group mappings.
+	This catch-all default idmap configuration should have a range
+	that is disjoint from any explicitly configured domain with
+	idmap backend <em class="parameter"><code>ad</code></em>. See the example below.
+	</p></div><div class="refsect1" title="IDMAP OPTIONS"><a name="id266828"></a><h2>IDMAP OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">range = low - high</span></dt><dd><p>
 			Defines the available matching UID and GID range for which the
 			backend is authoritative. Note that the range acts as a filter.
 			If specified any UID or GID stored in AD that fall outside the
@@ -16,7 +31,7 @@
 			Active Directory regarding user and group information.
 			This can be either the RFC2307 schema support included
 			in Windows 2003 R2 or the Service for Unix (SFU) schema.
-		</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2483324"></a><h2>EXAMPLES</h2><p>
+		</p></dd></dl></div></div><div class="refsect1" title="EXAMPLES"><a name="id266865"></a><h2>EXAMPLES</h2><p>
 	The following example shows how to retrieve idmappings from our principal and
 	trusted AD domains. If trusted domains are present id conflicts must be
 	resolved beforehand, there is no
@@ -32,7 +47,7 @@
 
 	idmap config CORP : backend  = ad
 	idmap config CORP : range = 1000-999999
-	</pre></div><div class="refsect1" lang="en"><a name="id2483349"></a><h2>AUTHOR</h2><p>
+	</pre></div><div class="refsect1" title="AUTHOR"><a name="id266886"></a><h2>AUTHOR</h2><p>
 	The original Samba software and related utilities
 	were created by Andrew Tridgell. Samba is now developed
 	by the Samba Team as an Open Source project similar
-- 
cgit v1.2.3