This feature is new in the Solaris Express 8/04 release and updated in the Solaris 10 3/05 release.
In NFS version 4, the nfsmapid daemon provides a mapping from a numeric user identification (UID) or a numeric group identification (GID) to a string representation, as well as the reverse. The string representation is used by the NFS version 4 protocol to represent owner or owner_group.
For example, the UID 123456 for the user, known_user, that is operating on a client that is named system.anydomain.com, would be mapped to known_user@anydomain.com. The NFS client sends the string representation, known_user@anydomain.com, to the NFS server. The NFS server maps the string representation, known_user@anydomain.com, to the unique UID 123456. nfsmapid uses the passwd and group entries in the /etc/nsswitch.conf file to determine which database will be consulted to perform the mappings.
For nfsmapid to work properly, clients and servers on NFS version 4 must have the same domain. To ensure that clients and servers have the same domain, nfsmapid configures the domain by following these strict precedence rules:
The daemon first checks the /etc/default/nfs file for a value that has been assigned to the NFSMAPID_DOMAIN keyword. If a value is found, the assigned value takes precedence over any other settings. The assigned value is appended to the outbound attribute strings and is compared against inbound attribute strings.
If no value has been assigned to NFSMAPID_DOMAIN, then the daemon checks for a domain name from a DNS TXT record on a DNS name server. To find a specific DNS record, nfsmapid relies on the resolv.conf(4) configuration file.
If no DNS TXT record provides a domain name, then by default the nfsmapid daemon uses the local DNS domain.
The use of DNS TXT records is preferred. Configure the _nfsv4idmapdomain TXT record on DNS servers that provide domains for NFS version 4 clients and servers. TXT records provide better support for scaling issues and provide a single point of control.
If your network includes multiple DNS domains, but has only a single UID and GID namespace, all clients must use one value for NFSMAPID_DOMAIN. For sites that use DNS, nfsmapid resolves this issue by obtaining the domain name from the value that you assigned to _nfsv4idmapdomain. If your network is not configured to use DNS, during the first system boot the Solaris OS uses the sysidconfig(1M) utility to provide prompts for an NFS version 4 domain name.
For more information, see the nfsmapid(1M) and sysidtool(1M) man pages. See also the System Administration Guide: Network Services.