Michael Anderson wrote:
We're migrating from a BSD Samba/NFS server to OpenSolaris CIFS/NFS,
using a W2k3 AD Server with MS SFU for auth and user database.

What build are you running?

Setting up LDAP with the SFU attributes works fine for NFS, but I cannot
figure out the CIFS side of things. I thought that something like:

svccfg -s svc:/system/idmap setprop
config/ds_name_mapping_enabled=boolean: true
svccfg -s svc:/system/idmap setprop config/ad_unixuser_attr=astring:
svccfg -s svc:/system/idmap setprop config/ad_unixgroup_attr=astring:

would work but, but it does not.

I would indeed expect that to work, but I can't say that I've tried it. The first thing that comes to mind as a possible problem is case sensitivity issues; when I look at my IDMU-based entries msSFU30Name is in mixed case, and that wouldn't tend to play nice with UNIX name services.

Name-based mapping works, at least for uids, but would be too cumbersome to maintain in our environment.

Has anybody gotten AD idmapping working with SFU?

Recent emphasis has been on IDMU support using the UID/GID supplied by IDMU. (It might work for SFU too, but that wasn't a goal and hasn't been tested.) That was delivered in build 124.

I'm pretty sure people have made the ds_name_mapping_enabled support work with SFU, but that mostly predates my tenure as custodian of idmap.

cifs-discuss mailing list

Reply via email to