Table of Contents
Advertisement
■
■
hostname:configuration services idmap> set directory_based_mapping=name
hostname:configuration services idmap> set ad_unixuser_attr=demo_unixuser
hostname:configuration services idmap> set ad_unixgroup_attr=demo_group
hostname:configuration services idmap> set nldap_winname_attr=demo_winuser
■
To use Identity Management for UNIX (IDMU), set directory_based_mapping to
idmu.
hostname:configuration services idmap> set directory_based_mapping=idmu
hostname:configuration services idmap>
Related Topics
For information on the different mapping modes, see
■
Concepts" on page
To create an "allow" or "deny" mapping rule, see
■
(CLI)" on page
Creating a Mapping Rule (BUI)
Use the following procedure to grant or deny credentials for specific users through the identity
mapping service. An "allow" mapping rule grants Windows identity credentials from a UNIX
identity or vice versa. A "deny" mapping rule blocks a Windows identity from receiving the
credentials of a UNIX identity or vice versa.
Note -
changes, the mapping no longer blocks that user.
Configure rule-based mapping as described in
Before You Begin
(BUI)" on page
1.
Go to Configuration > Services > Identity Mapping > Rules.
2.
Click the add item icon
3.
In the Add Mapping Rule dialog box, choose either Allow or Deny for the mapping
type.
ad_unixgroup_attr - Name in the Active Directory database of the equivalent UNIX
group name
nldap_winname_attr - Name in the LDAP database of the equivalent Windows
identity
308.
302.
If you create a mapping rule that blocks a particular user, and the user's name then
299.
"Creating a Mapping Rule
"Configuring Identity Mapping
next to Rules.
Creating a Mapping Rule (BUI)
"Identity Mapping
Appliance Services
301
Advertisement
Table of Contents
