1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>idmap_tdb</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="idmap_tdb.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>idmap_tdb — Samba's idmap_tdb Backend for Winbind</p></div><div class="refsynopsisdiv"><h2>DESCRIPTION</h2><p> 2 The idmap_tdb plugin is the default backend used by winbindd 3 for storing SID/uid/gid mapping tables. 4 </p><p> 5 In contrast to read only backends like idmap_rid, it is an allocating 6 backend: This means that it needs to allocate new user and group IDs in 7 order to create new mappings. The allocator can be provided by the 8 idmap_tdb backend itself or by any other allocating backend like 9 idmap_ldap or idmap_tdb2. This is configured with the 10 parameter <em class="parameter"><code>idmap alloc backend</code></em>. 11 </p><p> 12 Note that in order for this (or any other allocating) backend to 13 function at all, the default backend needs to be writeable. 14 The ranges used for uid and gid allocation are the default ranges 15 configured by "idmap uid" and "idmap gid". 16 </p><p> 17 Furthermore, since there is only one global allocating backend 18 responsible for all domains using writeable idmap backends, 19 any explicitly configured domain with idmap backend tdb 20 should have the same range as the default range, since it needs 21 to use the global uid / gid allocator. See the example below. 22 </p></div><div class="refsect1" lang="en"><a name="id2522938"></a><h2>IDMAP OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">range = low - high</span></dt><dd><p> 23 Defines the available matching uid and gid range for which the 24 backend is authoritative. 25 If the parameter is absent, Winbind fails over to use 26 the "idmap uid" and "idmap gid" options 27 from smb.conf. 28 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2483330"></a><h2>EXAMPLES</h2><p> 29 This example shows how tdb is used as a the default idmap backend. 30 It configures the idmap range through the global options for all 31 domains encountered. This same range is used for uid/gid allocation. 32 </p><pre class="programlisting"> 33 [global] 34 # "idmap backend = tdb" is redundant here since it is the default 35 idmap backend = tdb 36 idmap uid = 1000000-2000000 37 idmap gid = 1000000-2000000 38 </pre><p> 39 This (rather theoretical) example shows how tdb can be used as the 40 allocating backend while ldap is the default backend used to store 41 the mappings. 42 It adds an explicit configuration for some domain DOM1, that 43 uses the tdb idmap backend. Note that the same range as the 44 default uid/gid range is used, since the allocator has to serve 45 both the default backend and the explicitly configured domain DOM1. 46 </p><pre class="programlisting"> 47 [global] 48 idmap backend = ldap 49 idmap uid = 1000000-2000000 50 idmap gid = 1000000-2000000 51 # use a different uid/gid allocator: 52 idmap alloc backend = tdb 53 54 idmap config DOM1 : backend = tdb 55 idmap config DOM1 : range = 1000000-2000000 56 </pre></div><div class="refsect1" lang="en"><a name="id2483372"></a><h2>AUTHOR</h2><p> 57 The original Samba software and related utilities 58 were created by Andrew Tridgell. Samba is now developed 59 by the Samba Team as an Open Source project similar 60 to the way the Linux kernel is developed. 61 </p></div></div></body></html> 62