Enhancement to the nfsmapid Daemon

This feature is new in the Solaris Express 8/04 release and updated in the Solaris 10 3/05 release.

In NFS version 4, the nfsmapid daemon provides a mapping from a numeric user identification (UID) or a numeric group identification (GID) to a string representation, as well as the reverse. The string representation is used by the NFS version 4 protocol to represent owner or owner_group.

For example, the UID 123456 for the user, known_user, that is operating on a client that is named system.anydomain.com, would be mapped to known_user@anydomain.com. The NFS client sends the string representation, known_user@anydomain.com, to the NFS server. The NFS server maps the string representation, known_user@anydomain.com, to the unique UID 123456. nfsmapid uses the passwd and group entries in the /etc/nsswitch.conf file to determine which database will be consulted to perform the mappings.

For nfsmapid to work properly, clients and servers on NFS version 4 must have the same domain. To ensure that clients and servers have the same domain, nfsmapid configures the domain by following these strict precedence rules:

• The daemon first checks the /etc/default/nfs file for a value that has been assigned to the NFSMAPID_DOMAIN keyword. If a value is found, the assigned value takes precedence over any other settings. The assigned value is appended to the outbound attribute strings and is compared against inbound attribute strings.

• If no value has been assigned to NFSMAPID_DOMAIN, then the daemon checks for a domain name from a DNS TXT record on a DNS name server. To find a specific DNS record, nfsmapid relies on the resolv.conf(4) configuration file.

• If no DNS TXT record provides a domain name, then by default the nfsmapid daemon uses the local DNS domain.

The use of DNS TXT records is preferred. Configure the _nfsv4idmapdomain TXT record on DNS servers that provide domains for NFS version 4 clients and servers. TXT records provide better support for scaling issues and provide a single point of control.

If your network includes multiple DNS domains, but has only a single UID and GID namespace, all clients must use one value for NFSMAPID_DOMAIN. For sites that use DNS, nfsmapid resolves this issue by obtaining the domain name from the value that you assigned to _nfsv4idmapdomain. If your network is not configured to use DNS, during the first system boot the Solaris OS uses the sysidconfig(1M) utility to provide prompts for an NFS version 4 domain name.

For more information, see the nfsmapid(1M) and sysidtool(1M) man pages. See also the System Administration Guide: Network Services.