Managing Directory-Based Name Mapping for Users and Groups
The following table points to the tasks that you can use to manage directory-based identity mapping for the SMB server in a Windows environment.
These tasks use the idmap
(8) command to manage identity mapping.
Task | Description | For Instructions |
---|---|---|
Extend the Active Directory (AD) schema with user and group name attributes. |
Extends the AD schema and populates the user and group objects with UNIX user and group name information. |
How to Extend the Active Directory Schema, and User and Group Entries |
Extend the native LDAP schema with user and group name attributes. |
Extends the native LDAP schema and populates the user and group objects with Windows user and group name information. |
How to Extend the Native LDAP Schema, and User and Group Entries |
Configure directory-based name mapping. |
Enables directory-based mapping. This procedure also informs the |
|
Add a directory-based name mapping to a user or group object. |
Adds a directory-based name mapping to a user or group object in AD or native LDAP. |
How to Add a Directory-Based Name Mapping to a User or Group Object |
Remove a directory-based name mapping from a user or group object. |
Removes a directory-based name mapping from a user or group object in AD or native LDAP. |
How to Remove a Directory-Based Name Mapping From a User or Group Object |
For more information about user and group identities, see Mapping User and Group Identities. For more information about how to determine your identity mapping strategy, see Creating Your Identity Mapping Strategy.