Administering ID mapping

Adding an entry to an idata file

To map a remote user to a login on the local system, add an entry for the remote user to the appropriate idata file. The local login must be in the /etc/passwd file on the local system.

When you add a user entry to idata, idadmin has the syntax

idadmin -S scheme -a -l logname -r g_name

where scheme is the name of the ID mapping scheme, g_name is the global name of the remote user, and logname is the local login. For example, given the format descriptor M1@M2, the following entry maps jeff on machine moon to the local login guest:

idadmin -S cr1 -a -l guest -r jeff@moon

You can set up transparent mapping of logins by using regular expressions in the g_name field and the ``%'' character in the logname field. The special characters supported by the idadmin command are explained on idadmin(1Mbnu).

File entries are sorted so that an entry that maps a login explicitly is found in a search before entries that implement transparent mapping. Likewise, entries that map logins transparently are sorted based on the position of the regular expression in the global name. Entries with a regular expression in place of a remote user login appear in the file before entries with a regular expression in place of a system name.

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004