On Fri, Nov 30, 2007 at 12:23:59AM -0800, Alan M Wright wrote:
> If you have idmap auto-discoverable SMF properties set (to get
> around the idmapd startup issue), please do the following to
> allow idmapd to perform auto-discovery after domain join.
You shouldn't have to do this anymore from build 78 on up.
> svccfg -s idmap
> listprop config/mapping_domain <-- to view the property value
This has changed to config/default_domain. The value of that property
specifies what AD domain name to use to qualify unqualified Windows
user/group names in "idmap show -c winuser:..." command lines and in
name-based mapping rules:
idmap add winuser:Administrator unixuser:root
which says "map Administrator@<config/default_domain> to root".
> Please set the config/domain_name using the config/mapping_domain
> property value.
You don't have to provided that the domain that you joined appears in
the search list in /etc/resolv.conf. idmapd will auto-discover that and
the remaining properties.
All svc:/system/idmap:default properties are unstable and undocumented
at this time. We're likely to make config/default_domain a Committed
property, but the other properties will likely end up getting moved
elsewhere. That's because the names of the domain/forest/site joined
and the lists of site-local and global DCs and GCs are not useful only
to one service, but to two services, and eventually to many more, no
doubt -- so why should these properties live in svc:/system/idmap??
Nico
--
_______________________________________________
storage-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/storage-discuss
