--- /dev/null
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="idmap_ldap.8">
+
+<refmeta>
+ <refentrytitle>idmap_ldap</refentrytitle>
+ <manvolnum>8</manvolnum>
+</refmeta>
+
+
+<refnamediv>
+ <refname>idmap_ldap</refname>
+ <refpurpose>Samba's idmap_ldap Backend for Winbind</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <title>DESCRIPTION</title>
+
+ <para>The idmap_ldap plugin provides a means for Winbind to
+ store and retrieve SID/uid/gid mapping tables in an LDAP directory
+ service. The module implements both the "idmap" and
+ "idmap alloc" APIs.
+ </para>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>IDMAP OPTIONS</title>
+
+ <variablelist>
+ <varlistentry>
+ <term>ldap_base_dn = DN</term>
+ <listitem><para>
+ Defines the directory base suffix to use when searching for
+ SID/uid/gid mapping entries. If not defined, idmap_ldap will default
+ to using the "ldap idmap suffix" option from smb.conf.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>ldap_url = ldap://server/</term>
+ <listitem><para>
+ Specifies the LDAP server to use when searching for existing
+ SID/uid/gid map entries. If not defined, idmap_ldap will
+ assume that ldap://localhost/ should be used.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>range = low - high</term>
+ <listitem><para>
+ Defines the available matching uid and gid range for which the
+ backend is authoritative. Note that the range commonly matches
+ the allocation range due to the fact that the same backend will
+ store and retrieve SID/uid/gid mapping entries. If the parameter
+ is absent, Winbind fail over to use the "idmap uid" and
+ "idmap gid" options from smb.conf.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+<refsect1>
+ <title>IDMAP ALLOC OPTIONS</title>
+
+ <variablelist>
+ <varlistentry>
+ <term>ldap_base_dn = DN</term>
+ <listitem><para>
+ Defines the directory base suffix under which new SID/uid/gid mapping
+ entries should be stored. If not defined, idmap_ldap will default
+ to using the "ldap idmap suffix" option from smb.conf.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>ldap_url = ldap://server/</term>
+ <listitem><para>
+ Specifies the LDAP server to which modify/add/delete requests should
+ be sent. If not defined, idmap_ldap will assume that ldap://localhost/
+ should be used.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>range = low - high</term>
+ <listitem><para>
+ Defines the available matching uid and gid range from which
+ winbindd can allocate for users and groups. If the parameter
+ is absent, Winbind fail over to use the "idmap uid"
+ and "idmap gid" options from smb.conf.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+<refsect1>
+ <title>EXAMPLES</title>
+
+ <para>
+ The follow sets of a LDAP configuration which uses a slave server
+ running on localhost for fetching SID/gid/uid mappings while
+ sending update requests to the directory master server.
+ </para>
+
+ <programlisting>
+ [global]
+ idmap domain = default
+
+ idmap config default:backend = ldap
+ idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com
+ idmap alloc backend:ldap_url = ldap://localhost/
+ idmap config default:range = 10000 - 50000
+
+ idmap alloc backend = ldap
+ idmap alloc backend:ldap_base_dn = ou=idmap,dc=example,dc=com
+ idmap alloc backend:ldap_url = ldap://master.example.com/
+ idmap alloc config:range = 10000 - 50000
+ </programlisting>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>
+ The original Samba software and related utilities
+ were created by Andrew Tridgell. Samba is now developed
+ by the Samba Team as an Open Source project similar
+ to the way the Linux kernel is developed.
+ </para>
+</refsect1>
+
+</refentry>
<refnamediv>
<refname>idmap_tdb</refname>
- <refpurpose>Samba's idmap_tdb Backend for winbindd</refpurpose>
+ <refpurpose>Samba's idmap_tdb Backend for Winbind</refpurpose>
</refnamediv>
<refsynopsisdiv>
Defines the available matching uid and gid range for which the
backend is authoritative. Note that the range commonly matches
the allocation range due to the fact that the same backend will
- store and retreive SID/uid/gid mapping entries. If the parameter
+ store and retrieve SID/uid/gid mapping entries. If the parameter
is absent, Winbind fail over to use the "idmap uid" and
"idmap gid" options from smb.conf.
</para></listitem>
idmap domain = default
idmap config default:backend = tdb
- idmap config default:default = yes
idmap config default:range = 10000 - 50000
idmap alloc backend = tdb
git.samba.org / import / samba-docs-svnimport.git / commitdiff