diff options
| -rw-r--r-- | docs/manpages-3/idmap_ldap.8.xml | 18 | ||||
| -rw-r--r-- | docs/manpages-3/idmap_tdb.8.xml | 8 | ||||
| -rw-r--r-- | docs/smbdotconf/winbind/idmapbackend.xml | 4 | ||||
| -rw-r--r-- | docs/smbdotconf/winbind/idmapconfig.xml | 53 | ||||
| -rw-r--r-- | docs/smbdotconf/winbind/idmapdomains.xml | 6 |
5 files changed, 60 insertions, 29 deletions
diff --git a/docs/manpages-3/idmap_ldap.8.xml b/docs/manpages-3/idmap_ldap.8.xml index f93d885711..5cf06a4a9a 100644 --- a/docs/manpages-3/idmap_ldap.8.xml +++ b/docs/manpages-3/idmap_ldap.8.xml @@ -104,17 +104,17 @@ <programlisting> [global] - idmap domain = default - - idmap config default:backend = ldap - idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com - idmap alloc backend:ldap_url = ldap://localhost/ - idmap config default:range = 10000 - 50000 + idmap domain = ALLDOMAINS + idmap config ALLDOMAINS:default = yes + idmap config ALLDOMAINS:backend = ldap + idmap config ALLDOMAINS:ldap_base_dn = ou=idmap,dc=example,dc=com + idmap config ALLDOMAINS:ldap_url = ldap://localhost/ + idmap config default:range = 10000 - 50000 idmap alloc backend = ldap - idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com - idmap alloc backend:ldap_url = ldap://master.example.com/ - idmap alloc config:range = 10000 - 50000 + idmap alloc config:ldap_base_dn = ou=idmap,dc=example,dc=com + idmap alloc config:ldap_url = ldap://master.example.com/ + idmap alloc config:range = 10000 - 50000 </programlisting> </refsect1> diff --git a/docs/manpages-3/idmap_tdb.8.xml b/docs/manpages-3/idmap_tdb.8.xml index 33bbdd8bc5..85f729e569 100644 --- a/docs/manpages-3/idmap_tdb.8.xml +++ b/docs/manpages-3/idmap_tdb.8.xml @@ -66,10 +66,10 @@ <programlisting> [global] - idmap domain = default - - idmap config default:backend = tdb - idmap config default:range = 10000 - 50000 + idmap domain = ALLDOMAINS + idmap config ALLDOMAINS:default = yes + idmap config ALLDOMAINS:backend = tdb + idmap config ALLDOMAINS:range = 10000 - 50000 idmap alloc backend = tdb idmap alloc config:range = 10000 - 50000 diff --git a/docs/smbdotconf/winbind/idmapbackend.xml b/docs/smbdotconf/winbind/idmapbackend.xml index c9049c6af0..20e1115c5f 100644 --- a/docs/smbdotconf/winbind/idmapbackend.xml +++ b/docs/smbdotconf/winbind/idmapbackend.xml @@ -24,7 +24,5 @@ </para> </description> -<value type="default"></value> -<value type="example">ldap:ldap://ldapslave.example.com/</value> -<value type="example">ad</value> +<value type="default">tdb</value> </samba:parameter> diff --git a/docs/smbdotconf/winbind/idmapconfig.xml b/docs/smbdotconf/winbind/idmapconfig.xml index 7e96445962..63b0a907a8 100644 --- a/docs/smbdotconf/winbind/idmapconfig.xml +++ b/docs/smbdotconf/winbind/idmapconfig.xml @@ -8,24 +8,57 @@ The idmap config prefix provides a means of managing each domain defined by the <smbconfoption name="idmap domains"/> option using Samba's parameteric option support. The idmap config prefix should be - followed by the name of the domain, a colon, and either the option - name "backend" or a setting specific to the chosen - backend.</para> + followed by the name of the domain, a colon, and a setting specific to + the chosen backend. There are three options available for all domains: + </para> + <variablelist> + <varlistentry> + <term>backend = backend_name</term> + <listitem><para> + Specifies the name of the idmap plugin to use as the + SID/uid/gid backend for this domain. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>default = [yes|no]</term> + <listitem><para> + The default domain/backend will be used for searching for + users and groups not belonging to one of the explicitly + listed domains (matched by comparing the account SID and the + domain SID). + </para></listitem> + </varlistentry> + + <varlistentry> + <term>readonly = [yes|no]</term> + <listitem><para> + Mark the domain as readonly which means that no attempts to + allocate a uid or gid (by the <smbconfoption name="idmap alloc + backend"/>) for any user or group in that domain + will be attempted. + </para></listitem> + </varlistentry> + </variablelist> <para> The following example illustrates how to configure the <citerefentry> <refentrytitle>idmap_ad</refentrytitle><manvolnum>8</manvolnum></citerefentry> for the CORP domain and the <citerefentry><refentrytitle>idmap_tdb</refentrytitle> - <manvolnum>8</manvolnum></citerefentry> backend for all other domains. + <manvolnum>8</manvolnum></citerefentry> backend for all other domains. The + TRUSTEDDOMAINS string is simply a key used to reference the "idmap + config" settings and does not represent the actual name of a domain. </para> <programlisting> - idmap domains = CORP default - idmap config CORP:backend = ad - idmap config CORP:read_only = yes - idmap config default:backend = tdb - idmap config default:default = yes - idmap config default:range = 1000 - 9999 + idmap domains = CORP TRUSTEDDOMAINS + + idmap config CORP:backend = ad + idmap config CORP:readonly = yes + + idmap config TRUSTEDDOMAINS:backend = tdb + idmap config TRUSTEDDOMAINS:default = yes + idmap config TRUSTEDDOMAINS:range = 1000 - 9999 </programlisting> </description> diff --git a/docs/smbdotconf/winbind/idmapdomains.xml b/docs/smbdotconf/winbind/idmapdomains.xml index 515a91ba79..131b9e8167 100644 --- a/docs/smbdotconf/winbind/idmapdomains.xml +++ b/docs/smbdotconf/winbind/idmapdomains.xml @@ -12,9 +12,9 @@ </para> <para> - Values constist of the short domain name for Winbind's primary or collection - of trusted domains. The keyword "default" is used to - represent all domains not explicitly listed. + Values consist of the short domain name for Winbind's primary or collection + of trusted domains. You may also use an arbitrary string to represent a catchall + domain backend for any domain not explicitly listed. </para> <para> |