Managing Rule-Based Identity Mapping for Users and Groups

Language:

This section describes how to use the idmap command to manage identity mapping. The following table points to the tasks that you can use to manage rule-based identity mapping for the SMB server in a Windows environment. These tasks use the idmap (1M) command to manage identity mapping.

Task	Description	For Instructions
Add a user or group mapping rule.	Use `idmap` rules to create identity equivalents for Windows users or Windows groups and Oracle Solaris users or Oracle Solaris users based on the names in the naming services.	How to Add a User or Group Mapping Rule
Import rule-based user mappings from the `usermap.cfg` file.	Adds one or more user mappings from a `usermap.cfg` file that specifies rule-based mappings.	How to Import User Mappings From a Rule-Mapping File
List all of the mappings.	Review all mappings or to find particular mappings for users and groups.	Viewing Mapping Information
Show the mapping for a particular identity.	View how a particular name or ID is mapped.	Viewing a Mapping for a Particular Identity
Show all the established mappings.	View the mappings stored in the cache.	Viewing All Established Mappings
Remove a user or group mapping rule.	Removes a rule-based mapping when a user or group is no longer part of the naming service in your Windows domain.	How to Remove a User or Group Mapping Rule

For more information about user and group identities, see Mapping User and Group Identities. For more information about how to determine your identity mapping strategy, see Creating Your Identity Mapping Strategy.

Note - In a cluster configuration, changes made to user maps and to group maps on one server are immediately propagated to the other server.