该示例在 Windows 用户与 Unix 用户之间创建了一个基于名称的双向映射。
twofish:> configuration services idmap twofish:configuration services idmap> create twofish:configuration services idmap (uncommitted)> set windomain=eng.fishworks.com twofish:configuration services idmap (uncommitted)> set winname=Bill twofish:configuration services idmap (uncommitted)> set direction=bi twofish:configuration services idmap (uncommitted)> set unixname=wdp twofish:configuration services idmap (uncommitted)> set unixtype=user twofish:configuration services idmap (uncommitted)> commit twofish:configuration services idmap> list MAPPING WINDOWS ENTITY DIRECTION UNIX ENTITY idmap-000 Bill@eng.fishworks.com (U) == wdp (U)示例 3-2 创建拒绝映射示例
下一个示例创建了一个拒绝映射,来阻止某域中的所有 Windows 用户获取凭证。
twofish:configuration services idmap> create twofish:configuration services idmap (uncommitted)> list Properties: windomain = (unset) winname = (unset) direction = (unset) unixname = (unset) unixtype = (unset) twofish:configuration services idmap (uncommitted)> set windomain=guest.fishworks.com twofish:configuration services idmap (uncommitted)> set winname=* twofish:configuration services idmap (uncommitted)> set direction=win2unix twofish:configuration services idmap (uncommitted)> set unixname= twofish:configuration services idmap (uncommitted)> set unixtype=user twofish:configuration services idmap (uncommitted)> commit twofish:configuration services idmap> list MAPPING WINDOWS ENTITY DIRECTION UNIX ENTITY idmap-000 Bill@eng.fishworks.com (U) == wdp (U) idmap-001 *@guest.fishworks.com (U) => "" (U)