Solaris CIFS Administration Guide

ProcedureHow to Remove a Group Mapping Rule

The idmap command enables you to remove a rule-based mapping that you created.

  1. Become superuser, assume an equivalent role, obtain the solaris.admin.idmap.rules RBAC authorization, or use the “Idmap Service Management” RBAC profile.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services. To configure a role with the Primary Administrator profile, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Find the group mapping that you want to remove.


    # idmap list
    

    For example, to find all unidirectional group mappings that map to the Solaris group staff, type:


    # idmap list | grep staff
    
  3. Remove one or more group mappings.

    • Remove any rule-based mapping that involves the specified group name, group-name.


      # idmap remove group-name
      
    • Remove rule-based mappings between group-name1 and group-name2.


      # idmap remove group-name1 group-name2
      
    • Remove all rule-based mappings.


      # idmap remove -a