From 8f8a9f01909ba29e2b781310baeeaaddc3f15f0d Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Tue, 22 Apr 2008 10:09:40 -0500
Subject: Moving docs tree to docs-xml to make room for generated docs in the
 release tarball. (This used to be commit
 9f672c26d63955f613088489c6efbdc08b5b2d14)

---
 docs-xml/manpages-3/idmap_ad.8.xml | 92 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 92 insertions(+)
 create mode 100644 docs-xml/manpages-3/idmap_ad.8.xml

(limited to 'docs-xml/manpages-3/idmap_ad.8.xml')

diff --git a/docs-xml/manpages-3/idmap_ad.8.xml b/docs-xml/manpages-3/idmap_ad.8.xml
new file mode 100644
index 0000000000..766eb85090
--- /dev/null
+++ b/docs-xml/manpages-3/idmap_ad.8.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="idmap_ad.8">
+
+<refmeta>
+	<refentrytitle>idmap_ad</refentrytitle>
+	<manvolnum>8</manvolnum>
+	<refmiscinfo class="source">Samba</refmiscinfo>
+	<refmiscinfo class="manual">System Administration tools</refmiscinfo>
+	<refmiscinfo class="version">3.2</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+	<refname>idmap_ad</refname>
+	<refpurpose>Samba's idmap_ad Backend for Winbind</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+	<title>DESCRIPTION</title>
+	<para>The idmap_ad plugin provides a way for Winbind to read
+	id mappings from an AD server that uses RFC2307/SFU schema
+	extensions. This module implements only the &quot;idmap&quot;
+	API, and is READONLY. Mappings must be provided in advance
+	by the administrator by adding the posixAccount/posixGroup
+	classess and relative attribute/value pairs to the users and
+	groups objects in AD</para>
+</refsynopsisdiv>
+
+<refsect1>
+	<title>IDMAP OPTIONS</title>
+
+	<variablelist>
+		<varlistentry>
+		<term>range = low - high</term>
+		<listitem><para>
+			Defines the available matching uid and gid range for which the
+			backend is authoritative. Note that the range acts as a filter.
+			If specified any UID or GID stored in AD that fall outside the
+			range is ignored and the corresponding map is discarded.
+			It is intended as a way to avoid accidental UID/GID overlaps
+			between local and remotely defined IDs.
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>schema_mode = &lt;rfc2307 | sfu &gt;</term>
+		<listitem><para>
+			Defines the schema that idmap_ad should use when querying
+			Active Directory regarding user and group information.
+			This can either the RFC2307 schema support included
+			in Windows 2003 R2 or the Service for Unix (SFU) schema.
+		</para></listitem>
+		</varlistentry>
+	</variablelist>
+</refsect1>
+
+<refsect1>
+	<title>EXAMPLES</title>
+	<para>
+	The following example shows how to retrieve idmappings from our principal and
+	and trusted AD domains. All is needed is to set default to yes. If trusted
+	domains are present id conflicts must be resolved beforehand, there is no
+	guarantee on the order conflicting mappings would be resolved at this point.
+
+	This example also shows how to leave a small non conflicting range for local
+	id allocation that may be used in internal backends like BUILTIN.
+	</para>
+
+	<programlisting>
+	[global]
+	idmap domains = ALLDOMAINS
+	idmap config ALLDOMAINS:backend      = ad
+	idmap config ALLDOMAINS:default      = yes
+	idmap config ALLDOMAINS:range        = 10000 - 300000000
+
+	idmap alloc backend = tdb
+	idmap alloc config:range        = 5000 - 9999
+	</programlisting>
+</refsect1>
+
+<refsect1>
+	<title>AUTHOR</title>
+
+	<para>
+	The original Samba software and related utilities
+	were created by Andrew Tridgell. Samba is now developed
+	by the Samba Team as an Open Source project similar
+	to the way the Linux kernel is developed.
+	</para>
+</refsect1>
+
+</refentry>
-- 
cgit