Drew Balfour wrote:
On 12/22/09 07:04 PM, Jordan Brown wrote:
No, shouldn't be necessary in this case. There's a rule in place to map
same-named Windows users across to UNIX users, and that should be OK.
But if the intent was to use the idmu values in the ldap directory, it
should be set, no?
Shrug. You can use the IDMU data to map by UID, or you can use a rule to
map by name.
Ie, they should have either idmu set, or the idmap rule not both.
Yes, and in this case they appear to be using only the rule.
BTW, it shouldn't be harmful to have both, but the rule will only be used
if there's no IDMU data or, I believe, if there's no UNIX user
corresponding to the IDMU data.
BTW, you don't have to restart idmap to change this setting. Offhand, I
don't think there are any settings that require a restart. There aren't
supposed to be.
Really? svcprop won't show the new setting as being part of the current
manifest until there's a refresh done. I just assumed that a restart was
required after a refresh. Thanks for the info.
A refresh is required, but not a restart. Some services might not pay
attention to the refresh event, but idmapd does and reloads all of its
settings.
_______________________________________________
cifs-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
