On Sun, Aug 12, 2012 at 6:51 PM, Jim Klimov <[email protected]> wrote: > I might suggest an alternative solution, which may be an overkill for > a single fileserver, but is rather widely employed in heterogenous > shops: fire up a naming service (such as LDAP), and the fileserver > would be its client. idmap mappings can be set up to map Windows > users not to ephemeral IDs, but to statically defined individual > POSIX UIDs from this LDAP service which can be used in ALCs, file > ownerships, etc. [...]
That's exactly what the "IDMU" feature of Active Directory gets you. All you have to do is enable IDMU features in AD, setup the LDAP client side (nss_ldap) so it talks to AD, and tell idmap to use IDMU. -- Gordon Ross <[email protected]> Nexenta Systems, Inc. www.nexenta.com Enterprise class storage for everyone _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
