Creating a Mapping Rule (CLI)
■
unix2win - Mapping from UNIX to Windows
■
bi - Bidirectional mapping
d.
unixname - Set to one of the following options:
■ To create an "allow" mapping, set to the name of the UNIX identity, or
enter * to indicate all users of the specified type.
■ To create a "deny" mapping that blocks a Windows identity from
receiving the credentials of a UNIX identity, set to the name of the UNIX
identity.
■ To create a "deny" mapping that blocks a UNIX identity from receiving
the credentials of a Windows identity, do not set unixname.
e.
unixtype - Set to either user or group for the UNIX identity type.
hostname:configuration services idmap (uncommitted)> set windomain=demo.domain.com
hostname:configuration services idmap (uncommitted)> set winname=*
hostname:configuration services idmap (uncommitted)> set direction=win2unix
hostname:configuration services idmap (uncommitted)> set unixname=
hostname:configuration services idmap (uncommitted)> set unixtype=user
4.
Enter commit to commit the changes and create the mapping rule.
hostname:configuration services idmap (uncommitted)> commit
hostname:configuration services idmap>
You can use the list command to view the new rule in the Rules list.
hostname:configuration services idmap> list
MAPPING WINDOWS ENTITY DIRECTION UNIX ENTITY
idmap-000 Alice@demo.domain.com (U) == wdp (U)
idmap-001 *@demo.domain.com (U) => "" (U)
Example 13
Creating a Bi-Directional Mapping (CLI)
This example creates a bi-directional name-based mapping between a Windows user and UNIX
user.
hostname:> configuration services idmap
hostname:configuration services idmap> create
hostname:configuration services idmap (uncommitted)> set
windomain=eng.fishworks.com
304 Oracle ZFS Storage Appliance Administration Guide, Release OS8.6.x • September 2016
To Next Page
Loading...
