From a089b3bb99a226e8f99884867a677672cc028f1c Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Tue, 23 Sep 2008 11:43:05 -0700
Subject: Document the new hash and adex idmap/nss_info plugins. (cherry picked
 from commit 77bc0be0536bcd6a3ce8283a708828bebbbffee3)

---
 docs-xml/manpages-3/idmap_adex.8.xml | 89 ++++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 docs-xml/manpages-3/idmap_adex.8.xml

(limited to 'docs-xml/manpages-3/idmap_adex.8.xml')

diff --git a/docs-xml/manpages-3/idmap_adex.8.xml b/docs-xml/manpages-3/idmap_adex.8.xml
new file mode 100644
index 0000000000..9eb2ff7d46
--- /dev/null
+++ b/docs-xml/manpages-3/idmap_adex.8.xml
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="idmap_adex.8">
+
+<refmeta>
+	<refentrytitle>idmap_adex</refentrytitle>
+	<manvolnum>8</manvolnum>
+	<refmiscinfo class="source">Samba</refmiscinfo>
+	<refmiscinfo class="manual">System Administration tools</refmiscinfo>
+	<refmiscinfo class="version">3.2</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+	<refname>idmap_adex</refname>
+	<refpurpose>Samba's idmap_adex Backend for Winbind</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+	<title>DESCRIPTION</title>
+	<para>
+	  The idmap_adex plugin provides a way for Winbind to read
+	  id mappings from an AD server that uses RFC2307 schema
+	  extensions. This module implements both the idmap and nss_info
+	  APIs and supports domain trustes as well as two-way cross
+	  forest trusts.  It is a read-only plugin requiring that the
+	  administrator provide mappings in advance by adding the
+	  POSIX attribute information to the users and groups objects
+	  in AD.  The most common means of doing this is using &quot;Identity
+	  Services for Unix&quot; support on Windows 2003 R2 and later.
+	</para>
+
+	<para>
+	  Note that you must add the uidNumber, gidNumber, and uid
+	  attributes to the partial attribute set of the forest global
+	  catalog servers.  This can be done using the Active Directory Schema
+	  Management MMC plugin (schmmgmt.dll).
+	</para>
+</refsynopsisdiv>
+
+<refsynopsisdiv>
+	<title>NSS_INFO</title>
+	<para>
+	  The nss_info plugin supports reading the unixHomeDirectory,
+	  gidNumber, loginShell, and uidNumber attributes from the user
+	  object and the gidNumber attribute from the group object to
+	  fill in information required by the libc getpwnam() and
+	  getgrnam() family of functions.  Group membership is filled in
+	  according to the Windows group membership and not the
+	  msSFU30PosixMember attribute.
+	</para>
+
+	<para>
+	  Username aliases are implement by setting the uid attribute
+	  on the user object.  While group name aliases are implemented
+	  by reading the displayname attribute from the group object.
+	</para>
+</refsynopsisdiv>
+
+<refsect1>
+	<title>EXAMPLES</title>
+	<para>
+	  The following example shows how to retrieve idmappings and NSS data
+	  from our principal and trusted AD domains.
+	</para>
+
+	<programlisting>
+	[global]
+	idmap backend = adex
+	idmap uid = 1000-4000000000
+	idmap gid = 1000-4000000000
+
+	winbind nss info = adex
+	winbind normalize names = yes
+	</programlisting>
+</refsect1>
+
+<refsect1>
+	<title>AUTHOR</title>
+
+	<para>
+	The original Samba software and related utilities
+	were created by Andrew Tridgell. Samba is now developed
+	by the Samba Team as an Open Source project similar
+	to the way the Linux kernel is developed.
+	</para>
+</refsect1>
+
+</refentry>
-- 
cgit