Michael Anderson wrote:
We're migrating from a BSD Samba/NFS server to OpenSolaris CIFS/NFS,
using a W2k3 AD Server with MS SFU for auth and user database.
What build are you running?
Setting up LDAP with the SFU attributes works fine for NFS, but I cannot
figure out the CIFS side of things. I thought that something like:
svccfg -s svc:/system/idmap setprop
config/ds_name_mapping_enabled=boolean: true
svccfg -s svc:/system/idmap setprop config/ad_unixuser_attr=astring:
msSFU30Name
svccfg -s svc:/system/idmap setprop config/ad_unixgroup_attr=astring:
msSFU30Group
would work but, but it does not.
I would indeed expect that to work, but I can't say that I've tried it.
The first thing that comes to mind as a possible problem is case
sensitivity issues; when I look at my IDMU-based entries msSFU30Name is
in mixed case, and that wouldn't tend to play nice with UNIX name services.
Name-based mapping works, at least for uids, but would be too
cumbersome to maintain in our environment.
Has anybody gotten AD idmapping working with SFU?
Recent emphasis has been on IDMU support using the UID/GID supplied by
IDMU. (It might work for SFU too, but that wasn't a goal and hasn't
been tested.) That was delivered in build 124.
I'm pretty sure people have made the ds_name_mapping_enabled support
work with SFU, but that mostly predates my tenure as custodian of idmap.
_______________________________________________
cifs-discuss mailing list
cifs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
