|
|
If you want to set up an attribute map file, you must enter the attradmin command with the attribute map filename and specify the format the remote value should take in all map entries.
To set up a new file, enter:
attradmin -A attrname -I descr
where attrname is the name of the attribute, and descr is a string called a format descriptor. The format descriptor specifies the format in which the remote attribute value must be entered when a map entry is created.
If you're using cr1 as your authentication scheme, the format descriptor you need to enter is M1@M2.
Field numbers indicate the order of significance of the fields. Higher numbered fields are the more significant. M2 in the descriptor M1@M2 means that the second field contains an entity of greater significance on the network than does the first field. The letter ``M'' indicates that the fields are required. The ``@'' symbol is a field separator. For example, given the format descriptor M1@M2, UID 104 on the remote system venus would be specified as 104@venus.
To set up a map file that maps UIDs on remote systems
to UIDs on the local system, you might enter:
attradmin -A uid -I M1@M2
The file uid.map now appears in /etc/idmap/attrmap, and the format descriptor appears in the first line of the file.