diff options
Diffstat (limited to 'docs-xml/manpages/idmap_ldap.8.xml')
| -rw-r--r-- | docs-xml/manpages/idmap_ldap.8.xml | 145 |
1 files changed, 0 insertions, 145 deletions
diff --git a/docs-xml/manpages/idmap_ldap.8.xml b/docs-xml/manpages/idmap_ldap.8.xml deleted file mode 100644 index 2c0fcfd17c..0000000000 --- a/docs-xml/manpages/idmap_ldap.8.xml +++ /dev/null @@ -1,145 +0,0 @@ -<?xml version="1.0" encoding="iso-8859-1"?> -<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> -<refentry id="idmap_ldap.8"> - -<refmeta> - <refentrytitle>idmap_ldap</refentrytitle> - <manvolnum>8</manvolnum> - <refmiscinfo class="source">Samba</refmiscinfo> - <refmiscinfo class="manual">System Administration tools</refmiscinfo> - <refmiscinfo class="version">3.6</refmiscinfo> -</refmeta> - - -<refnamediv> - <refname>idmap_ldap</refname> - <refpurpose>Samba's idmap_ldap Backend for Winbind</refpurpose> -</refnamediv> - -<refsynopsisdiv> - <title>DESCRIPTION</title> - - <para>The idmap_ldap plugin provides a means for Winbind to - store and retrieve SID/uid/gid mapping tables in an LDAP directory - service. - </para> - - <para> - In contrast to read only backends like idmap_rid, it is an allocating - backend: This means that it needs to allocate new user and group IDs in - order to create new mappings. - </para> - -</refsynopsisdiv> - -<refsect1> - <title>IDMAP OPTIONS</title> - - <variablelist> - <varlistentry> - <term>ldap_base_dn = DN</term> - <listitem><para> - Defines the directory base suffix to use for - SID/uid/gid mapping entries. If not defined, idmap_ldap will default - to using the "ldap idmap suffix" option from smb.conf. - </para></listitem> - </varlistentry> - - <varlistentry> - <term>ldap_user_dn = DN</term> - <listitem><para> - Defines the user DN to be used for authentication. - The secret for authenticating this user should be - stored with net idmap secret - (see <citerefentry><refentrytitle>net</refentrytitle> - <manvolnum>8</manvolnum></citerefentry>). - If absent, the ldap credentials from the ldap passdb configuration - are used, and if these are also absent, an anonymous - bind will be performed as last fallback. - </para></listitem> - </varlistentry> - - <varlistentry> - <term>ldap_url = ldap://server/</term> - <listitem><para> - Specifies the LDAP server to use for - SID/uid/gid map entries. If not defined, idmap_ldap will - assume that ldap://localhost/ should be used. - </para></listitem> - </varlistentry> - - <varlistentry> - <term>range = low - high</term> - <listitem><para> - Defines the available matching uid and gid range for which the - backend is authoritative. - </para></listitem> - </varlistentry> - </variablelist> -</refsect1> - -<refsect1> - <title>EXAMPLES</title> - - <para> - The following example shows how an ldap directory is used as the - default idmap backend. It also configures the idmap range and base - directory suffix. The secret for the ldap_user_dn has to be set with - "net idmap secret '*' password". - </para> - - <programlisting> - [global] - idmap config * : backend = ldap - idmap config * : range = 1000000-1999999 - idmap config * : ldap_url = ldap://localhost/ - idmap config * : ldap_base_dn = ou=idmap,dc=example,dc=com - idmap config * : ldap_user_dn = cn=idmap_admin,dc=example,dc=com - </programlisting> - - <para> - This example shows how ldap can be used as a readonly backend while - tdb is the default backend used to store the mappings. - It adds an explicit configuration for some domain DOM1, that - uses the ldap idmap backend. Note that a range disjoint from the - default range is used. - </para> - - <programlisting> - [global] - # "backend = tdb" is redundant here since it is the default - idmap config * : backend = tdb - idmap config * : range = 1000000-1999999 - - idmap config DOM1 : backend = ldap - idmap config DOM1 : range = 2000000-2999999 - idmap config DOM1 : read only = yes - idmap config DOM1 : ldap_url = ldap://server/ - idmap config DOM1 : ldap_base_dn = ou=idmap,dc=dom1,dc=example,dc=com - idmap config DOM1 : ldap_user_dn = cn=idmap_admin,dc=dom1,dc=example,dc=com - </programlisting> -</refsect1> - -<refsynopsisdiv> - <title>NOTE</title> - - <para>In order to use authentication against ldap servers you may - need to provide a DN and a password. To avoid exposing the password - in plain text in the configuration file we store it into a security - store. The "net idmap " command is used to store a secret - for the DN specified in a specific idmap domain. - </para> -</refsynopsisdiv> - -<refsect1> - <title>AUTHOR</title> - - <para> - The original Samba software and related utilities - were created by Andrew Tridgell. Samba is now developed - by the Samba Team as an Open Source project similar - to the way the Linux kernel is developed. - </para> -</refsect1> - -</refentry> |