On Tue, Feb 05, 2008 at 09:14:09AM -0800, Rob Nelson wrote:
> Is there some documentation on how to map Solaris LDAP schema to
> Windows AD schema for using the new "AD-only" idmapping mode that came
> in from 2007/663 in snv_b81?

I don't know what official Sun docs document the schema mapping procedures for nss_ldap, but I've certainly found plenty of material on the web, this being the most salient:

http://blog.scottlowe.org/?p=447

(Scroll down to "Configuring LDAP".)

> How does one put idmap in AD-only mode, and then ensure that the
> RFC2307 schema in Windows AD is used?

You don't have to do anything at all for idmap to be in AD-only mode. By default it only does ephemeral ID mapping (for SID->UID/GID mapping) and local SID mapping (for non-ephemeral UID/GID->SID mapping).

> I have installed "Unix Services" under W2K3 Server which gives AD the
> RFC2307 schema support, but how does one configure the idmap side?

One doesn't configure idmap so much as the native LDAP client. The configuration involves installing schema mapping information. That is, running ldapclient(1M) with -a arguments to set up attributeMap, objectClassMap, ...

Nico
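
An added example, not part of the original message or of any Sun documentation: a dry-run script that assembles the kind of ldapclient(1M) invocation described above so the schema mapping can be reviewed before it is applied. The server address, DNs, domain and the choice of AD-side attribute names (RFC2307-style uidNumber/unixHomeDirectory) are assumptions; other "Unix Services" schema versions may use different names.

```shell
#!/bin/sh
# Builds (does not execute) an "ldapclient manual" command line.
# Every value here is a constructed placeholder for illustration.

BASE_DN="dc=example,dc=com"                  # placeholder search base
AD_SERVER="192.0.2.10"                       # placeholder (TEST-NET-1) address
PROXY_DN="cn=proxyuser,cn=Users,$BASE_DN"    # placeholder low-privilege bind account

build_ldapclient_cmd() {
    # One argument per line, so the mapping is easy to review and diff.
    # proxyPassword is deliberately left out so no secret lives in the script;
    # it has to be supplied when the command is actually run.
    printf '%s\n' ldapclient manual \
        -a "defaultServerList=$AD_SERVER" \
        -a "defaultSearchBase=$BASE_DN" \
        -a "domainName=example.com" \
        -a "credentialLevel=proxy" \
        -a "authenticationMethod=tls:simple" \
        -a "proxyDN=$PROXY_DN" \
        -a "attributeMap=passwd:uid=sAMAccountName" \
        -a "attributeMap=passwd:homedirectory=unixHomeDirectory" \
        -a "attributeMap=passwd:gecos=displayName" \
        -a "attributeMap=shadow:uid=sAMAccountName" \
        -a "objectClassMap=passwd:posixAccount=user" \
        -a "objectClassMap=shadow:shadowAccount=user" \
        -a "objectClassMap=group:posixGroup=group" \
        -a "serviceSearchDescriptor=passwd:cn=Users,$BASE_DN?one" \
        -a "serviceSearchDescriptor=group:cn=Users,$BASE_DN?one"
}

# Print the assembled command on one line for inspection.
build_ldapclient_cmd | tr '\n' ' '
echo
```

tls:simple is used instead of simple so the proxy bind is not sent in cleartext; it assumes the AD server's certificate is already trusted by the client.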
