Using Rule-Based Mapping - Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.2

Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Managing SMB File Sharing and Windows ... » Setting Up Identity Mapping Between Windows ... » Creating Your Identity Mapping Strategy » Using Rule-Based Mapping

Updated: July 2014

Managing SMB File Sharing and Windows Interoperability in Oracle Solaris 11.2

Document Information

Using This Documentation

Chapter 1 Sharing Files Between Windows and Oracle Solaris Systems

Chapter 2 Setting Up Identity Mapping Between Windows and Oracle Solaris Systems

Mapping User and Group Identities

Creating Your Identity Mapping Strategy

Using Directory-Based Name Mapping

Using Identity Management for UNIX

Using Rule-Based Mapping

Mapping Well-Known Windows Account Names

Managing Directory-Based Name Mapping for Users and Groups

How to Extend the Active Directory Schema, and User and Group Entries

How to Extend the Native LDAP Schema, and User and Group Entries

How to Configure Directory-Based Mapping

How to Add a Directory-Based Name Mapping to a User or Group Object

How to Remove a Directory-Based Name Mapping From a User or Group Object

Managing Directory-Based Identity Mapping by Using Identity Management for UNIX

How to Enable Identity Management for UNIX Support

About Rule-Based Identity Mapping for Users and Groups

Formatting Group and User Names

Managing Rule-Based Identity Mapping for Users and Groups

Adding and Removing Group and User Mapping Rules

How to Add a User or Group Mapping Rule

How to Remove a User or Group Mapping Rule

Importing User Mappings From a Rule-Mapping File

Viewing Mapping Information

Troubleshooting the Identity Mapping Service

Viewing Identity Mapping Service Property Settings

Saving and Restoring Name-Based Mapping Rules

Viewing Details About Mappings

Debugging the Identity Mapping Service

Chapter 3 Setting Up a Oracle Solaris SMB Server to Manage and Share Files

Chapter 4 Using SMB File Sharing on Client Systems

Appendix A SMB DTrace Provider

Language:

Using Rule-Based Mapping

This strategy uses rules to associate Windows users and groups with equivalent Oracle Solaris users and groups by name rather than by identifier.

These mappings are easy to configure and can be configured with a single wildcard rule. However, the mapping rules are stored only on a particular system rather than being global. Use this method if only one SMB server is being used in your environment.

Create a bidirectional rule-based mapping to map all users in the Windows domain to users of the same name in the Oracle Solaris domain.
```
# idmap add 'winuser:*@example.com' 'unixuser:*'
# idmap add 'wingroup:*@example.com' 'unixgroup:*'
```
The first command maps the Windows user called [email protected] to the Oracle Solaris user pat. The second command maps the Windows group called [email protected] to the Oracle Solaris group staff.

Note - You can have only one bidirectional rule-based mapping to map all users in a single Windows domain to all Oracle Solaris users in the local Oracle Solaris domain. Wildcard mappings for two domains would make determining which domain to use when mapping an Oracle Solaris user to a Windows user impossible.
Create bidirectional rule-based mappings for users and groups whose Windows names do not exactly match the Oracle Solaris names.
```
# idmap add winuser:[email protected] unixuser:johnm
```
This command maps a Windows user called [email protected] to the Oracle Solaris user johnm.

Copyright © 2007, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices