diff options
Diffstat (limited to 'docs/smbdotconf')
| -rw-r--r-- | docs/smbdotconf/winbind/idmapbackend.xml | 11 | ||||
| -rw-r--r-- | docs/smbdotconf/winbind/winbindnssinfo.xml | 38 |
2 files changed, 48 insertions, 1 deletions
diff --git a/docs/smbdotconf/winbind/idmapbackend.xml b/docs/smbdotconf/winbind/idmapbackend.xml index e1dcadcbc8..071feb2334 100644 --- a/docs/smbdotconf/winbind/idmapbackend.xml +++ b/docs/smbdotconf/winbind/idmapbackend.xml @@ -20,9 +20,18 @@ with multiple domain environments. The idmap uid and idmap gid ranges must also be specified. </para> + + <para> + Finally, using the idmap_ad module, the UID and GID can directly + be retrieved from an Active Directory LDAP Server that supports an + RFC2307 compliant LDAP schema. idmap_ad supports "Services for Unix" + (SFU) version 2.x and 3.0. + </para> + </description> <value type="default"></value> <value type="example">ldap:ldap://ldapslave.example.com</value> -<value type="example">idmap_rid:DOMNAME=1000-100000000</value> +<value type="example">idmap_rid:BUILTIN=1000-1999,DOMNAME=2000-100000000</value> +<value type="example">idmap_ad</value> </samba:parameter> diff --git a/docs/smbdotconf/winbind/winbindnssinfo.xml b/docs/smbdotconf/winbind/winbindnssinfo.xml new file mode 100644 index 0000000000..c21f477275 --- /dev/null +++ b/docs/smbdotconf/winbind/winbindnssinfo.xml @@ -0,0 +1,38 @@ +<samba:parameter name="winbind nss info" + context="G" + type="boolean" + advanced="1" developer="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + + <para>This parameter is designed to control how Winbind retrieves Name + Service Information to construct a user's home directory and login shell. + Currently the following settings are available: + + <itemizedlist> + <listitem> + <para><parameter moreinfo="none">template</parameter> + - The default, using the parameters of <parameter moreinfo="none">template + shell</parameter> and <parameter moreinfo="none">template homedir</parameter>) + </para> + </listitem> + + <listitem> + <para><parameter moreinfo="none">sfu</parameter> + - When Samba is running in security = ads and your Active Directory + Domain Controller does support the Microsoft "Services for Unix" (SFU) + LDAP schema, winbind can retrieve the login shell and the home + directory attributes directly from your Directory Server. Note that + retrieving UID and GID from your ADS-Server requires to use + <parameter moreinfo="non">idmap backend</parameter> = idmap_ad as well. + </para> + </listitem> + + </itemizedlist> + +</para> +</description> + +<value type="default">template</value> +<value type="example">template sfu</value> +</samba:parameter> |