The reason I ask is because I use a bunch of storage appliances that offer Secure-NFS
(NETAPP, EMC UNITY, etc.), but they only support NIS, IDMU, RFC2307, and RFC2307bis style
Identity Mapping, all of which require manual assignment of UID/GID numbers to objects in
LDAP, which is untenable for large environments. Microsoft even removed Unix Attribute
editor from their LDAP GUI for the RFC2307 attributes in Windows Server 2016 to push
people away from using rfc2307.
I would like to be able to provide a link to an RFC or design document describing the SSSD
ID Mapping algorithm so that these 3rd party vendors can incorporate an identical identity
mapping algorithm into their products, so that I can use their Secure-NFS product in
conjunction with sssd and have the uid and gid numbers match up with the other Linux hosts
in our environment.
Show replies by date