diff options
| author | Michael Adam <obnox@samba.org> | 2009-01-21 00:13:29 +0100 |
|---|---|---|
| committer | Michael Adam <obnox@samba.org> | 2009-01-21 00:16:29 +0100 |
| commit | 7c5621b6e09d9ae3fe936a86e46d1b0f35906e6d (patch) | |
| tree | eaec2440ec89de709f9c5bf6ce7fb71d48bdcd4f /docs-xml | |
| parent | 32be66b19da07983670002d1b2b5bc80cf0c8d16 (diff) | |
| download | samba-7c5621b6e09d9ae3fe936a86e46d1b0f35906e6d.tar.gz | |
s3:docs: update the idmap_ldap manpage to reflect current facts.
Michael
Diffstat (limited to 'docs-xml')
| -rw-r--r-- | docs-xml/manpages-3/idmap_ldap.8.xml | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/docs-xml/manpages-3/idmap_ldap.8.xml b/docs-xml/manpages-3/idmap_ldap.8.xml index c09c141bb49..ea9e5bf07ea 100644 --- a/docs-xml/manpages-3/idmap_ldap.8.xml +++ b/docs-xml/manpages-3/idmap_ldap.8.xml @@ -21,8 +21,25 @@ <para>The idmap_ldap plugin provides a means for Winbind to store and retrieve SID/uid/gid mapping tables in an LDAP directory - service. The module implements both the "idmap" and - "idmap alloc" APIs. + service. + In contrast to read only backends like idmap_rid, it is an allocating + backend: This means that it needs to allocate new user and group IDs to + create new mappings as requests to yet unmapped users are answered. + </para> + + <para> + Note that in order for this (or any other allocating) backend to + function at all, the default backend needs to be writeable. + The ranges used for uid and gid allocation are the default ranges + configured by "idmap uid" and "idmap gid". + </para> + + <para> + Furthermore, since there is only one global allocating backend + responsible for all domains using writeable idmap backends, + any explicitly configured domain with idmap backend ldap + should have the same range as the default range, since it needs + to use the global uid / gid allocator. See the example below. </para> </refsynopsisdiv> @@ -60,11 +77,10 @@ <term>range = low - high</term> <listitem><para> Defines the available matching uid and gid range for which the - backend is authoritative. Note that the range commonly matches - the allocation range due to the fact that the same backend will - store and retrieve SID/uid/gid mapping entries. If the parameter - is absent, Winbind fail over to use the "idmap uid" and - "idmap gid" options from smb.conf. + backend is authoritative. + If the parameter is absent, Winbind fails over to use the + "idmap uid" and "idmap gid" options + from smb.conf. </para></listitem> </varlistentry> </variablelist> |