Administering ID mapping

Setting up an attribute map

If you want to set up an attribute map file, you must enter the attradmin command with the attribute map filename and specify the format the remote value should take in all map entries.

To set up a new file, enter:

attradmin -A attrname -I descr

where attrname is the name of the attribute, and descr is a string called a format descriptor. The format descriptor specifies the format in which the remote attribute value must be entered when a map entry is created.

If you're using cr1 as your authentication scheme, the format descriptor you need to enter is M1@M2.

NOTE: At this time, the cr1 authentication scheme is the only authentication scheme provided with UnixWare 7--with the exception of the traditional login/password scheme, which doesn't rely on ID mapping. Unless otherwise stated, examples throughout the discussion of ID mapping assume cr1 as the authentication scheme.

Field numbers indicate the order of significance of the fields. Higher numbered fields are the more significant. M2 in the descriptor M1@M2 means that the second field contains an entity of greater significance on the network than does the first field. The letter ``M'' indicates that the fields are required. The ``@'' symbol is a field separator. For example, given the format descriptor M1@M2, UID 104 on the remote system venus would be specified as 104@venus.

To set up a map file that maps UIDs on remote systems to UIDs on the local system, you might enter:

attradmin -A uid -I M1@M2

The file now appears in /etc/idmap/attrmap, and the format descriptor appears in the first line of the file.

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004