Managing SMB File Sharing and Windows Interoperability in Oracle® Solaris 11.3

Updated: December 2017
 
 

How to Add a Directory-Based Name Mapping to a User or Group Object

This procedure shows how to perform the following directory-based name mappings:

  • Mapping a Windows user or group to an Oracle Solaris user or group by adding the Oracle Solaris user or group name to the AD object for the specified Windows user or group.

  • Mapping an Oracle Solaris user or group to a Windows user or group by adding the Windows user or group name to the native LDAP object for the specified Oracle Solaris user or group.

For more information about the idmap set-namemap command and its options, see the idmap(1M) man page.

  1. Become an administrator.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

  2. Determine whether to augment a user or group object in AD or in the native LDAP service.
    • Augment a user object.
      • To augment the Windows user object in AD:

        # idmap set-namemap winuser:username@domain-name unixuser:username

        For example, the following command maps Windows user maryb@example.com to Oracle Solaris user mary by adding the Oracle Solaris name to the AD object for maryb@example.com.

        # idmap set-namemap winuser:maryb@example.com unixuser:mary
      • To augment the Oracle Solaris user object in native LDAP:

        # idmap set-namemap unixuser:username winuser:username@domain-name

        For example, the following command maps Oracle Solaris user mary to Windows user maryb@example.com by adding the Windows name to the native LDAP object for mary.

        # idmap set-namemap unixuser:mary winuser:maryb@example.com
    • Augment a group object.
      • To augment the Windows group object in AD:

        # idmap set-namemap wingroup:group-name@domain-name unixgroup:group-name

        For example, the following command maps the Windows group salesgrp@example.com to the Oracle Solaris group sales by adding the Oracle Solaris name to the AD object for salesgrp@example.com.

        # idmap set-namemap wingroup:salesgrp@example.com unixgroup:sales
      • To augment the Oracle Solaris group object in native LDAP:

        # idmap set-namemap unixgroup:group-name wingroup:group-name@domain-name

        For example, the following command maps the Oracle Solaris group sales to the Windows group salesgrp@example.com by adding the Windows name to the native LDAP object for sales.

        # idmap set-namemap unixgroup:sales wingroup:salesgrp@example.com
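
A wrong name mapping gives one identity another identity's file access, so it helps to check a batch of planned mappings before running any of them. The following shell script is an added example, not part of the Oracle documentation: it validates "target value" pairs against the four forms shown in this procedure and prints the matching idmap set-namemap commands without executing them. The function names, the input format and the restricted character set for names are assumptions of this example.

```shell
# Dry-run only: prints idmap commands, executes nothing.
# Assumption of this example: names use only letters, digits, '.', '_', '-'.
valid_name() {
    case "$1" in ''|-*|*[!A-Za-z0-9._-]*) return 1 ;; esac
}

# Print the identity type if TYPE:NAME is well formed, else fail.
check_identity() {
    type=${1%%:*}; name=${1#*:}
    [ "$type" != "$1" ] || return 1            # no "type:" prefix
    case "$type" in
        winuser|wingroup)                      # page form: name@domain-name
            case "$name" in *@*@*) return 1 ;; *@*) ;; *) return 1 ;; esac
            valid_name "${name%@*}" && valid_name "${name#*@}" || return 1 ;;
        unixuser|unixgroup) valid_name "$name" || return 1 ;;
        *) return 1 ;;
    esac
    printf '%s\n' "$type"
}

# Accept only the four pairings shown in the procedure (user-user, group-group).
build_namemap() {
    t1=$(check_identity "$1") || { echo "bad identity: $1" >&2; return 1; }
    t2=$(check_identity "$2") || { echo "bad identity: $2" >&2; return 1; }
    case "$t1/$t2" in
        winuser/unixuser|unixuser/winuser|wingroup/unixgroup|unixgroup/wingroup) ;;
        *) echo "type mismatch: $1 $2" >&2; return 1 ;;
    esac
    printf 'idmap set-namemap %s %s\n' "$1" "$2"
}

# Read "target value" lines on stdin; print commands and flag rejected lines.
plan_namemaps() {
    rc=0
    while read -r target value extra; do
        case "$target" in ''|'#'*) continue ;; esac
        if [ -n "$extra" ] || ! build_namemap "$target" "$value"; then
            echo "# rejected: $target $value $extra"; rc=1
        fi
    done
    return $rc
}

# Constructed sample input: one entry from the page and two that must fail.
plan_namemaps <<'EOF' || echo "# review the rejected entries" >&2
winuser:maryb@example.com unixuser:mary
winuser:maryb@example.com unixgroup:sales
unixuser:mary;x winuser:maryb@example.com
EOF
```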