1IDMAP_SSS(8)                   SSSD Manual pages                  IDMAP_SSS(8)
2
3
4

NAME

6       idmap_sss - SSSD's idmap_sss Backend for Winbind
7

DESCRIPTION

9       The idmap_sss module provides a way to call SSSD to map UIDs/GIDs and
10       SIDs. No database is required in this case as the mapping is done by
11       SSSD.
12

IDMAP OPTIONS

14       range = low - high
15           Defines the available matching UID and GID range for which the
16           backend is authoritative.
17

EXAMPLES

19       This example shows how to configure idmap_sss as the default mapping
20       module.
21
22           [global]
23           security = ads
24           workgroup = <AD-DOMAIN-SHORTNAME>
25
26           idmap config <AD-DOMAIN-SHORTNAME> : backend        = sss
27           idmap config <AD-DOMAIN-SHORTNAME> : range          = 200000-2147483647
28
29           idmap config * : backend        = tdb
30           idmap config * : range          = 100000-199999
31
32
33       Please replace <AD-DOMAIN-SHORTNAME> with the NetBIOS domain name of
34       the AD domain. If multiple AD domains should be used each domain needs
35       an idmap config line with backend = sss and a line with a suitable
36       range.
37
38       Since Winbind requires a writeable default backend and idmap_sss is
39       read-only the example includes backend = tdb as default.
40

SEE ALSO

42       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5),
43       sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd-sudo(5), sssd-session-
44       recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8),
45       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8),
46       sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8).  sss_rpcidmapd(5)
47       sssd-systemtap(5)
48

AUTHORS

50       The SSSD upstream - https://github.com/SSSD/sssd/
51
52
53
54SSSD                              05/19/2021                      IDMAP_SSS(8)
Impressum