svn commit: samba-docs r260 - in trunk/Samba-HOWTO-Collection: .

jht at samba.org jht at samba.org
Sun Oct 31 04:09:58 GMT 2004 

Author: jht
Date: 2004-10-31 04:09:58 +0000 (Sun, 31 Oct 2004)
New Revision: 260

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-docs&rev=260

Log:
Work in progress commit - Adding IDMAP documentation.
Added:
   trunk/Samba-HOWTO-Collection/IDMAP.xml
Modified:
   trunk/Samba-HOWTO-Collection/Group-Mapping.xml
   trunk/Samba-HOWTO-Collection/Passdb.xml
   trunk/Samba-HOWTO-Collection/index.xml


Changeset:
Modified: trunk/Samba-HOWTO-Collection/Group-Mapping.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/Group-Mapping.xml	2004-10-28 15:48:25 UTC (rev 259)
+++ trunk/Samba-HOWTO-Collection/Group-Mapping.xml	2004-10-31 04:09:58 UTC (rev 260)
@@ -54,6 +54,7 @@
 	<para>
 <indexterm><primary>UID</primary></indexterm>
 <indexterm><primary>GID</primary></indexterm>
+<indexterm><primary>idmap uid</primary></indexterm>
 	Group accounts can be managed using the MS Windows NT4 or MS Windows 200x/XP Professional MMC tools.
 	Appropriate interface scripts should be provided in &smb.conf; if it is desired that UNIX/Linux system
 	accounts should be automatically created when these tools are used. In the absence of these scripts, and
@@ -73,6 +74,7 @@
 	</image>
 
 	<para>
+	<indexterm><primary>IDMAP</primary></indexterm>
 	In both cases, when winbindd is not running, only locally resolvable groups can be recognized. Please refer to
 	<link linkend="idmap-sid2gid">IDMAP: group SID to GID resolution</link> and <link linkend="idmap-gid2sid">IDMAP: GID resolution to matching SID</link>. 
 	The <command>net groupmap</command> is

Added: trunk/Samba-HOWTO-Collection/IDMAP.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/IDMAP.xml	2004-10-28 15:48:25 UTC (rev 259)
+++ trunk/Samba-HOWTO-Collection/IDMAP.xml	2004-10-31 04:09:58 UTC (rev 260)
@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+		"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+
+  <!-- entities files to use -->
+  <!ENTITY % global_entities SYSTEM '../entities/global.entities'>
+  %global_entities;
+
+]>
+
+<chapter id="groupmapping">
+<chapterinfo>
+	&author.jht;
+</chapterinfo>
+<title>Identity Mapping &smbmdash; IDMAP</title>
+
+<para>
+The Microsoft Windows operating system has a number of features that impose specific challenges
+for interoperability with operaing system on which Samba is implemented. This chapter deals
+explicitly with the mechanisms Samba-3 (version 3.0.8 and later) has to overcome one of the
+key challenges in the integration of Samba servers into an MS Windows networking
+environment. This chapter deals with IDentity MAPping (IDMAP) of Windows Security IDentifiers (SIDs)
+to UNIX UIDs and GIDs.
+</para>
+
+<para>
+So that this area is covered sufficiently, eash possible Samba deployment type will be discussed.
+This is followed by an overview of how the IDMAP facility may be implemented.
+</para>
+
+<para>
+The IDMAP facility is usually of concern only where more than one Samba server or Samba network client
+is installed in the one Domain. Where there is a single Samba server do not be too concerned regarding
+the IDMAP infrastructure - the default behavior of Samba is nearly always sufficient.
+</para>
+
+<sect1>
+<title>Samba Server Deployment Types</title>
+
+<para>
+There are four (4) basic server deployment types, as documented in <link linkend="ServerType">the chapter
+on Server Types and Security Modes</link>.
+</para>
+
+	<sect2>
+	<title>Stand-Alone Samba Server</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+	<sect2>
+	<title>Domain Member Server or Domain Member Client</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+	<sect2>
+	<title>Primary Domain Controller</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+	<sect2>
+	<title>Backup Domain Controller</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+</sect1>
+
+<sect1>
+<title>IDMAP Backend Usage</title>
+
+<para>
+</para>
+
+	<sect2>
+	<title>Default Winbind TDB</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+	<sect2>
+	<title>IDMAP Storage in LDAP using Winbind</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+	<sect2>
+	<title>IDMAP and NSS IDMAP Resolution</title>
+
+	<para>
+	</para>
+
+		<sect3>
+		<title>IDMAP, Active Directory and MS Services for UNIX 3.5</title>
+
+		<para>
+		</para>
+
+		</sect3>
+
+		<sect3>
+		<title>IDMAP, Active Directory and AD4UNIX</title>
+
+		<para>
+		</para>
+
+		</sect3>
+
+	</sect2>
+
+	<sect2>
+	<title>IDMAP_RID with Winbind</title>
+
+	<para>
+	</para>
+
+	</sect2>
+
+</sect1>
+
+
+</chapter>

Modified: trunk/Samba-HOWTO-Collection/Passdb.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/Passdb.xml	2004-10-28 15:48:25 UTC (rev 259)
+++ trunk/Samba-HOWTO-Collection/Passdb.xml	2004-10-31 04:09:58 UTC (rev 260)
@@ -372,6 +372,8 @@
 	</para>
 
 	<para>
+	<indexterm><primary>idmap uid</primary></indexterm>
+	<indexterm><primary>idmap gid</primary></indexterm>
 	The second way to effect Windows SID to UNIX UID mapping is via the
 	<emphasis>idmap uid</emphasis> and <emphasis>idmap gid</emphasis> parameters in &smb.conf;.
 	Please refer to the man page for information about these parameters.
@@ -392,6 +394,7 @@
 	</para>
 
 	<para>
+	<indexterm><primary>idmap backend</primary></indexterm>
 	The special facility is enabled using a parameter called <parameter>idmap backend</parameter>.
 	The default setting for this parameter is an empty string. Technically it is possible to use
 	an LDAP based idmap backend for UIDs and GIDs, but it makes most sense when this is done for

Modified: trunk/Samba-HOWTO-Collection/index.xml
===================================================================
--- trunk/Samba-HOWTO-Collection/index.xml	2004-10-28 15:48:25 UTC (rev 259)
+++ trunk/Samba-HOWTO-Collection/index.xml	2004-10-31 04:09:58 UTC (rev 260)
@@ -135,6 +135,7 @@
 <xi:include href="NetworkBrowsing.xml"/>
 <xi:include href="Passdb.xml"/>
 <xi:include href="Group-Mapping.xml"/>
+<xi:include hred="IDMAP.xml"/>
 <xi:include href="AccessControls.xml"/>
 <xi:include href="locking.xml"/>
 <xi:include href="Securing.xml"/>

More information about the samba-cvs mailing list