idmap_tdb2(8)

1IDMAP_TDB2(8)             System Administration tools            IDMAP_TDB2(8)
2
3
4

NAME

6       idmap_tdb2 - Samba's idmap_tdb2 Backend for Winbind
7

DESCRIPTION

9       The idmap_tdb2 plugin is a substitute for the default idmap_tdb backend
10       used by winbindd for storing SID/uid/gid mapping tables in clustered
11       environments with Samba and CTDB.
12
13       In contrast to read only backends like idmap_rid, it is an allocating
14       backend: This means that it needs to allocate new user and group IDs in
15       order to create new mappings.
16

IDMAP OPTIONS

18       range = low - high
19           Defines the available matching uid and gid range for which the
20           backend is authoritative.
21
22       script
23           This option can be used to configure an external program for
24           performing id mappings instead of using the tdb counter. The
25           mappings are then stored int tdb2 idmap database. For details see
26           the section on IDMAP SCRIPT below.
27

IDMAP SCRIPT

29       The tdb2 idmap backend supports an external program for performing id
30       mappings through the smb.conf option idmap config * : script or its
31       deprecated legacy form idmap : script.
32
33       The mappings obtained by the script are then stored in the idmap tdb2
34       database instead of mappings created by the incrementing id counters.
35       It is therefore important that the script covers the complete range of
36       SIDs that can be passed in for SID to Unix ID mapping, since otherwise
37       SIDs unmapped by the script might get mapped to IDs that had previously
38       been mapped by the script.
39
40       The script should accept the following command line options.
41
42                SIDTOID S-1-xxxx
43                IDTOSID UID xxxx
44                IDTOSID GID xxxx
45
46
47       And it should return one of the following responses as a single line of
48       text.
49
50                UID:yyyy
51                GID:yyyy
52                SID:yyyy
53                ERR:yyyy
54
55

EXAMPLES

57       This example shows how tdb2 is used as a the default idmap backend.
58
59                [global]
60                idmap config * : backend = tdb2
61                idmap config * : range = 1000000-2000000
62
63
64       This example shows how tdb2 is used as a the default idmap backend
65       using an external program via the script parameter:
66
67                [global]
68                idmap config * : backend = tdb2
69                idmap config * : range = 1000000-2000000
70                idmap config * : script = /usr/local/samba/bin/idmap_script.sh
71
72

AUTHOR

74       The original Samba software and related utilities were created by
75       Andrew Tridgell. Samba is now developed by the Samba Team as an Open
76       Source project similar to the way the Linux kernel is developed.
77
78
79
80Samba 4.11.4                      12/16/2019                     IDMAP_TDB2(8)