Lines Matching full:name

5 .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
7 .SH NAME
102 groups by name.
109 that is not already mapped by name.
120 The \fBidmap\fR utility can be used to create and manage the name-based
135 SIDs are mapped by name.
137 This mapping uses the name-based mappings that are manually set up by the
143 If no name-based mapping is found, the SID is mapped to a dynamically
162 .SS "Name-based Mappings"
165 Name-based mappings establish name equivalence between Windows users and groups
166 and their counterparts in the UNIX name service. These mappings persist across
168 with the same name:
183 corresponding Solaris user or group name or numeric id. Similarly, the native
185 corresponding Windows user or group name.
189 name mappings by setting the appropriate service management facility (SMF)
194 If directory-based name mapping is not configured or if configured but not
195 found, then \fBidmapd\fR(1M) will process locally stored name-based mapping
219 canonical form. That is, either the default domain name will be added (for
220 names that are not well-known) or an appropriate built-in domain name will be
221 added. Depending on the particular well-known name, this domain name might be
222 null, \fBBUILTIN\fR, or the local host name.
226 non-well-known name \fBfred\fR and the well-known names \fBadministrator\fR and
260 for SIDs that cannot be mapped by name.
269 If no name-based mapping is found, a non-ephemeral UID or GID is mapped to an
287 When mapping a Windows name to a UNIX name, lookup for name-based mapping rules
292 \fIwindows-name\fR\fB@\fR\fIdomain\fR to \fB""\fR
297 \fIwindows-name\fR\fB@\fR\fIdomain\fR to \fIunix-name\fR
302 \fIwindows-name\fR\fB@*\fR to \fB""\fR
307 \fIwindows-name\fR\fB@*\fR to \fIunix-name\fR
322 \fB*@\fR\fIdomain\fR to \fIunix-name\fR
337 \fB*@*\fR to \fIunix-name\fR
341 When mapping a UNIX name to a Windows name, lookup for name-based mapping rules
346 \fIunix-name\fR to \fB""\fR
351 \fIunix-name\fR to \fIwindows-name\fR\fB@\fR\fIdomain\fR
366 \fB*\fR to \fIwindows-name\fR\fB@\fR\fIdomain\fR
383 Specify the name of the AD attribute that contains the UNIX user name. There is
394 Specify the name of the AD attribute that contains the UNIX group name. There
405 Specify the name of the Native LDAP attribute that contains the Windows
406 user/group name. There is no default.
420 \fBname\fR enables name-based mapping using the properties described above.
445 Specifies the format in which user name mappings are described for the
462 \fIwindows-username\fR is a Windows user name in either the
465 \fIunix-username\fR is a UNIX user name.
515 (\fB*\fR) for \fIwindows-name\fR is supported. However, the \fB@group\fR
519 \fIwindows-name\fR to the equivalent \fIunix-name\fR, if any. If you want to
539 Specifies a user name, user ID, group name, or group ID. \fIidentity\fR is
592 UNIX user name
601 UNIX group name
610 Windows user name
619 Windows group name
628 Windows user or group name
632 \fItype\fR. For instance, \fBunixgroup:staff\fR specifies the UNIX group name,
644 Specifies a UNIX name (\fBunixuser\fR, \fBunixgroup\fR) or a Windows name
645 (\fBwinuser\fR, \fBwingroup\fR) that can be used for name-based mapping rules.
648 A Windows security entity name can be specified in one of these ways:
668 name of \fB""\fR should not be used to preclude logins by unmapped Windows
673 name (\fB*@*\fR), it matches all names in all domains that are not matched by
676 If \fIname\fR uses the wildcard on both sides of the mapping rule, the name is
678 \fB"*@domain" == "*"\fR, the \fBjp@domain\fR Windows user name matches this
679 rule and maps to the \fBjp\fR Solaris user name.
728 Adds a name-based mapping rule. By default, the name mapping is bidirectional.
732 Either \fIname1\fR or \fIname2\fR must be a Windows name, and the other must be
733 a UNIX name. For the Windows name, the \fBwinname\fR identity type must not be
763 Exports name-based mapping rules to standard output in the specified
775 Get the directory-based name mapping information from the AD or native LDAP
776 user or group object represented by the specified name.
796 Imports name-based mapping rules from standard input by using the specified
798 file. The \fB-F\fR option flushes existing name-based mapping rules before
815 Lists all name-based mapping rules. Each rule appears in its \fBidmap add\fR
826 Removes any name-based mapping rule that involves the specified name.
827 \fIname\fR can be either a UNIX or Windows user name or group name.
843 Removes all name-based mapping rules.
855 Removes name-based mapping rules between \fIname1\fR and \fIname2\fR. If the
859 Either \fIname1\fR or \fIname2\fR must be a Windows name, and the other must be
860 a UNIX name.
873 Sets name mapping information in the AD or native LDAP user or group object.
874 Either \fIname1\fR or \fIname2\fR must be a Windows name, and the other must be
875 a UNIX name.
877 If \fIname1\fR is a Windows name, then the UNIX name \fIname2\fR is added to
879 name then the Windows name \fIname2\fR is added to the native LDAP entry
901 Uses the distinguished name \fIbindDN\fR to bind to the directory.
928 already. The \fB-c\fR option forces the evaluation of name-based mapping
943 Unsets directory-based name mapping information from the AD or native LDAP user
944 or group object represented by the specified name and optional target type.
951 \fBExample 1 \fRUsing a Wildcard on Both Sides of a Name-Based Mapping Rule
956 otherwise mapped. If such a rule is matched but the UNIX user name does not
968 \fBExample 2 \fRUsing a Wildcard on One Side of a Name-Based Mapping Rule
984 \fBExample 3 \fRAdding a Bidirectional Name-Based Mapping Rule
1032 The following command shows the UNIX user name that the specified Windows user
1033 name, \fBjoe@example.com\fR, maps to:
1103 \fBExample 7 \fRListing Name-Based Mapping Rules
1106 The following command shows how to list the name-based mapping rules:
1119 \fBExample 8 \fRImporting Name-Based Mapping Rules From the \fBusermap.cfg\fR
1123 The \fBusermap.cfg\fR file can be used to configure name-based mapping rules.
1180 \fBExample 9 \fRUsing Name-Based and Ephemeral ID Mapping With Identity
1185 UNIX user accounts of the same name. The command also specifies mappings for
1206 \fBExample 10 \fRAdding Directory-based Name Mapping to AD User Object
1210 \fBjoe\fR by adding the UNIX name to AD object for \fBjoe@example.com\fR.
1221 \fBExample 11 \fRAdding Directory-based Name Mapping to Native LDAP User Object
1225 \fBfoobar@example.com\fR by adding the Windows name to native LDAP object for
1237 \fBExample 12 \fRRemoving Directory-based Name Mapping from AD User Object
1307 name-rules and \fBidmap show\fR command lines is irrelevant.
1311 names, wildcard name-rules map Windows names to UNIX user/group names as
1312 follows: first, the canonical Windows name (that is, in the case as it appears
1313 in the directory) is used as a UNIX user or group name. If there is no such
1314 UNIX entity, then the Windows name's case is folded to lowercase and the result
1315 is used as the UNIX user or group name.