From c52661aa20ea39ec3c21d60d7b00a6b7f324cab6 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 21 Mar 2007 19:38:36 +0000 Subject: Fill in the idmap_ldap man page and clean up a few things in the idmap_tdb docs (This used to be commit 17174aacb8a415f4a9db307ba48d21914fd1265a) --- docs/manpages-3/idmap_ldap.8.xml | 132 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 docs/manpages-3/idmap_ldap.8.xml (limited to 'docs/manpages-3/idmap_ldap.8.xml') diff --git a/docs/manpages-3/idmap_ldap.8.xml b/docs/manpages-3/idmap_ldap.8.xml new file mode 100644 index 0000000000..f93d885711 --- /dev/null +++ b/docs/manpages-3/idmap_ldap.8.xml @@ -0,0 +1,132 @@ + + + + + + idmap_ldap + 8 + + + + + idmap_ldap + Samba's idmap_ldap Backend for Winbind + + + + DESCRIPTION + + The idmap_ldap plugin provides a means for Winbind to + store and retrieve SID/uid/gid mapping tables in an LDAP directory + service. The module implements both the "idmap" and + "idmap alloc" APIs. + + + + + IDMAP OPTIONS + + + + ldap_base_dn = DN + + Defines the directory base suffix to use when searching for + SID/uid/gid mapping entries. If not defined, idmap_ldap will default + to using the "ldap idmap suffix" option from smb.conf. + + + + + ldap_url = ldap://server/ + + Specifies the LDAP server to use when searching for existing + SID/uid/gid map entries. If not defined, idmap_ldap will + assume that ldap://localhost/ should be used. + + + + + range = low - high + + Defines the available matching uid and gid range for which the + backend is authoritative. Note that the range commonly matches + the allocation range due to the fact that the same backend will + store and retrieve SID/uid/gid mapping entries. If the parameter + is absent, Winbind fail over to use the "idmap uid" and + "idmap gid" options from smb.conf. + + + + + + + IDMAP ALLOC OPTIONS + + + + ldap_base_dn = DN + + Defines the directory base suffix under which new SID/uid/gid mapping + entries should be stored. If not defined, idmap_ldap will default + to using the "ldap idmap suffix" option from smb.conf. + + + + + ldap_url = ldap://server/ + + Specifies the LDAP server to which modify/add/delete requests should + be sent. If not defined, idmap_ldap will assume that ldap://localhost/ + should be used. + + + + + range = low - high + + Defines the available matching uid and gid range from which + winbindd can allocate for users and groups. If the parameter + is absent, Winbind fail over to use the "idmap uid" + and "idmap gid" options from smb.conf. + + + + + + + EXAMPLES + + + The follow sets of a LDAP configuration which uses a slave server + running on localhost for fetching SID/gid/uid mappings while + sending update requests to the directory master server. + + + + [global] + idmap domain = default + + idmap config default:backend = ldap + idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com + idmap alloc backend:ldap_url = ldap://localhost/ + idmap config default:range = 10000 - 50000 + + idmap alloc backend = ldap + idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com + idmap alloc backend:ldap_url = ldap://master.example.com/ + idmap alloc config:range = 10000 - 50000 + + + + + AUTHOR + + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + + + -- cgit