idmap_tdb2 - Samba's idmap_tdb2 Backend for Winbind
Please see following description for synopsis
System Administration tools IDMAP_TDB2(8)
NAME
idmap_tdb2 - Samba's idmap_tdb2 Backend for Winbind
DESCRIPTION
The idmap_tdb2 plugin is a substitute for the default idmap_tdb backend
used by winbindd for storing SID/uid/gid mapping tables in clustered
environments with Samba and CTDB.
In contrast to read only backends like idmap_rid, it is an allocating
backend: This means that it needs to allocate new user and group IDs in
order to create new mappings.
IDMAP OPTIONS
range = low - high
Defines the available matching uid and gid range for which the
backend is authoritative.
script
This option can be used to configure an external program for
performing id mappings instead of using the tdb counter. The
mappings are then stored int tdb2 idmap database. For details see
the section on IDMAP SCRIPT below.
IDMAP SCRIPT
The tdb2 idmap backend supports an external program for performing id
mappings through the smb.conf option idmap config * : script or its
deprecated legacy form idmap : script.
The mappings obtained by the script are then stored in the idmap tdb2
database instead of mappings created by the incrementing id counters.
It is therefore important that the script covers the complete range of
SIDs that can be passed in for SID to Unix ID mapping, since otherwise
SIDs unmapped by the script might get mapped to IDs that had previously
been mapped by the script.
The script should accept the following command line options.
SIDTOID S-1-xxxx
IDTOSID UID xxxx
IDTOSID GID xxxx
And it should return one of the following responses as a single line of
text.
UID:yyyy
GID:yyyy
SID:yyyy
ERR:yyyy
EXAMPLES
This example shows how tdb2 is used as a the default idmap backend.
[global]
idmap config * : backend = tdb2
idmap config * : range = 1000000-2000000
This example shows how tdb2 is used as a the default idmap backend
using an external program via the script parameter:
[global]
idmap config * : backend = tdb2
idmap config * : range = 1000000-2000000
idmap config * : script = /usr/local/samba/bin/idmap_script.sh
AUTHOR
The original Samba software and related utilities were created by
Andrew Tridgell. Samba is now developed by the Samba Team as an Open
Source project similar to the way the Linux kernel is developed.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
+---------------+-----------------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+-----------------------+
|Availability | service/network/samba |
+---------------+-----------------------+
|Stability | Volatile |
+---------------+-----------------------+
NOTES
Source code for open source software components in Oracle Solaris can
be found at https://www.oracle.com/downloads/opensource/solaris-source-
code-downloads.html.
This software was built from source available at
https://github.com/oracle/solaris-userland. The original community
source was downloaded from
https://download.samba.org/pub/samba/stable/samba-4.13.17.tar.gz.
Further information about this software can be found on the open source
community website at http://www.samba.org/.
Samba 4.13.17 06/28/2022 IDMAP_TDB2(8)