Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.2

Exit Print View

 
Updated: July 2014
 
 

How to Add a Directory-Based Name Mapping to a User or Group Object

    This procedure shows how to perform the following directory-based name mapping:

  • Mapping a Windows user or group to an Oracle Solaris user or group by adding the Oracle Solaris user or group name to the AD object for the specified Windows user.

  • Mapping an Oracle Solaris user or group to a Windows user by adding the Windows user or group name to the native LDAP object for the specified Oracle Solaris user or group.

For more information about the idmap set-namemap command and its options, see the idmap (1M) man page.

  1. Become an administrator.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .

  2. Determine whether to augment a user or group object in AD or in the native LDAP service.
    • Augment a user object.

      • To augment the Windows user object in AD:

        # idmap set-namemap winuser:username@domain-name unixuser:username

        For example, the following command maps Windows user [email protected] to Oracle Solaris user mary by adding the Oracle Solaris name to the AD object for [email protected].

        # idmap set-namemap winuser:[email protected] unixuser:mary

      • To augment the Oracle Solaris user object in native LDAP:

        # idmap set-namemap unixuser:username winuser:username@domain-name

        For example, the following command maps Oracle Solaris user mary to Windows user [email protected] by adding the Windows name to the native LDAP object for mary.

        # idmap set-namemap unixuser:mary winuser:[email protected]
    • Augment a group object.

      • To augment the Windows group object in AD:

        # idmap set-namemap wingroup:group-name@domain-name unixgroup:group-name

        For example, the following command maps the Windows group [email protected] to the Oracle Solaris group sales by adding the Oracle Solaris name to the AD object for [email protected].

        # idmap set-namemap wingroup:[email protected] unixgroup:sales

      • To augment the Oracle Solaris group object in native LDAP:

        # idmap set-namemap unixgroup:group-name wingroup:group-name@domain-name

        For example, the following command maps the Oracle Solaris group sales to the Windows group [email protected] by adding the Windows name to the native LDAP object for sales.

        # idmap set-namemap unixgroup:sales wingroup:[email protected]
Copyright © 2007, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous
Next