| 4 |
- |
1 |
[General]
|
|
|
2 |
#Verbosity = 0
|
|
|
3 |
# The following should be set to the local NFSv4 domain name
|
|
|
4 |
# The default is the host's DNS domain name.
|
|
|
5 |
#Domain = local.domain.edu
|
|
|
6 |
|
|
|
7 |
# The following is a comma-separated list of Kerberos realm
|
|
|
8 |
# names that should be considered to be equivalent to the
|
|
|
9 |
# local realm, such that <user>@REALM.A can be assumed to
|
|
|
10 |
# be the same user as <user>@REALM.B
|
|
|
11 |
# If not specified, the default local realm is the domain name,
|
|
|
12 |
# which defaults to the host's DNS domain name,
|
|
|
13 |
# translated to upper-case.
|
|
|
14 |
# Note that if this value is specified, the local realm name
|
|
|
15 |
# must be included in the list!
|
|
|
16 |
#Local-Realms =
|
|
|
17 |
|
|
|
18 |
[Mapping]
|
|
|
19 |
|
|
|
20 |
Nobody-User = nobody
|
|
|
21 |
Nobody-Group = nobody
|
|
|
22 |
|
|
|
23 |
[Translation]
|
|
|
24 |
|
|
|
25 |
# Translation Method is an comma-separated, ordered list of
|
|
|
26 |
# translation methods that can be used. Distributed methods
|
|
|
27 |
# include "nsswitch", "umich_ldap", and "static". Each method
|
|
|
28 |
# is a dynamically loadable plugin library.
|
|
|
29 |
# New methods may be defined and inserted in the list.
|
|
|
30 |
# The default is "nsswitch".
|
|
|
31 |
Method = nsswitch
|
|
|
32 |
|
|
|
33 |
# Optional. This is a comma-separated, ordered list of
|
|
|
34 |
# translation methods to be used for translating GSS
|
|
|
35 |
# authenticated names to ids.
|
|
|
36 |
# If this option is omitted, the same methods as those
|
|
|
37 |
# specified in "Method" are used.
|
|
|
38 |
#GSS-Methods = <alternate method list for translating GSS names>
|
|
|
39 |
|
|
|
40 |
#-------------------------------------------------------------------#
|
|
|
41 |
# The following are used only for the "static" Translation Method.
|
|
|
42 |
#-------------------------------------------------------------------#
|
|
|
43 |
#[Static]
|
|
|
44 |
|
|
|
45 |
# A "static" list of GSS-Authenticated names to
|
|
|
46 |
# local user name mappings
|
|
|
47 |
|
|
|
48 |
#someuser@REALM = localuser
|
|
|
49 |
|
|
|
50 |
|
|
|
51 |
#-------------------------------------------------------------------#
|
|
|
52 |
# The following are used only for the "umich_ldap" Translation Method.
|
|
|
53 |
#-------------------------------------------------------------------#
|
|
|
54 |
|
|
|
55 |
#[UMICH_SCHEMA]
|
|
|
56 |
|
|
|
57 |
# server information (REQUIRED)
|
|
|
58 |
#LDAP_server = ldap-server.local.domain.edu
|
|
|
59 |
|
|
|
60 |
# the default search base (REQUIRED)
|
|
|
61 |
#LDAP_base = dc=local,dc=domain,dc=edu
|
|
|
62 |
|
|
|
63 |
#-----------------------------------------------------------#
|
|
|
64 |
# The remaining options have defaults (as shown)
|
|
|
65 |
# and are therefore not required.
|
|
|
66 |
#-----------------------------------------------------------#
|
|
|
67 |
|
|
|
68 |
# whether or not to perform canonicalization on the
|
|
|
69 |
# name given as LDAP_server
|
|
|
70 |
#LDAP_canonicalize_name = true
|
|
|
71 |
|
|
|
72 |
# absolute search base for (people) accounts
|
|
|
73 |
#LDAP_people_base = <LDAP_base>
|
|
|
74 |
|
|
|
75 |
# absolute search base for groups
|
|
|
76 |
#LDAP_group_base = <LDAP_base>
|
|
|
77 |
|
|
|
78 |
# Set to true to enable SSL - anything else is not enabled
|
|
|
79 |
#LDAP_use_ssl = false
|
|
|
80 |
|
|
|
81 |
# You must specify a CA certificate location if you enable SSL
|
|
|
82 |
#LDAP_ca_cert = /etc/ldapca.cert
|
|
|
83 |
|
|
|
84 |
# Objectclass mapping information
|
|
|
85 |
|
|
|
86 |
# Mapping for the person (account) object class
|
|
|
87 |
#NFSv4_person_objectclass = NFSv4RemotePerson
|
|
|
88 |
|
|
|
89 |
# Mapping for the nfsv4name attribute the person object
|
|
|
90 |
#NFSv4_name_attr = NFSv4Name
|
|
|
91 |
|
|
|
92 |
# Mapping for the UID number
|
|
|
93 |
#NFSv4_uid_attr = UIDNumber
|
|
|
94 |
|
|
|
95 |
# Mapping for the GSSAPI Principal name
|
|
|
96 |
#GSS_principal_attr = GSSAuthName
|
|
|
97 |
|
|
|
98 |
# Mapping for the account name attribute (usually uid)
|
|
|
99 |
# The value for this attribute must match the value of
|
|
|
100 |
# the group member attribute - NFSv4_member_attr
|
|
|
101 |
#NFSv4_acctname_attr = uid
|
|
|
102 |
|
|
|
103 |
# Mapping for the group object class
|
|
|
104 |
#NFSv4_group_objectclass = NFSv4RemoteGroup
|
|
|
105 |
|
|
|
106 |
# Mapping for the GID attribute
|
|
|
107 |
#NFSv4_gid_attr = GIDNumber
|
|
|
108 |
|
|
|
109 |
# Mapping for the Group NFSv4 name
|
|
|
110 |
#NFSv4_group_attr = NFSv4Name
|
|
|
111 |
|
|
|
112 |
# Mapping for the Group member attribute (usually memberUID)
|
|
|
113 |
# The value of this attribute must match the value of NFSv4_acctname_attr
|
|
|
114 |
#NFSv4_member_attr = memberUID
|