|
|
To map a remote user to a login on the local system, add an entry for the remote user to the appropriate idata file. The local login must be in the /etc/passwd file on the local system.
When you add a user entry to
idata,
idadmin has the syntax
idadmin -S scheme -a -l logname -r g_name
where
scheme
is the name of the ID mapping scheme,
g_name
is the global name of the remote user, and
logname
is the local login.
For example, given the format descriptor
M1@M2,
the following entry maps
jeff
on machine
moon
to the local login
guest:
idadmin -S cr1 -a -l guest -r jeff@moon
You can set up transparent mapping of logins by using regular expressions in the g_name field and the ``%'' character in the logname field. The special characters supported by the idadmin command are explained on idadmin(1Mbnu).
File entries are sorted so that an entry that maps a login explicitly is found in a search before entries that implement transparent mapping. Likewise, entries that map logins transparently are sorted based on the position of the regular expression in the global name. Entries with a regular expression in place of a remote user login appear in the file before entries with a regular expression in place of a system name.