README FOR wbuser ----------------- wbuser is a tool used to list, add, and remove UID/SID mappings stored in Samba's var/locks/winbindd_idmap.tdb file. Using this script, you can specify the UNIX UIDs to which Windows users are mapped by winbind (which normally sets up arbitrary mappings automatically). A document included with this distribution, ad_auth.html, contains a set of procedures to implement Active Directory authentication on UNIX (tested on Solaris). The final procedure describes how to use wbuser to obtain static mappings of Windows users to UNIX UIDs (in a somewhat clunky fashion, admittedly, but it works for certain scenarios). INSTALLATION ------------ In the Makefile, set INST_DIR to wherever you want the software installed. You may also need to change the INSTALL command, depending on the location and version of "install" on your system. Then run "make install". USE --- "wbuser -h" prints out a usage statement. The basics are: wbuser -l # Lists current winbind user mappings. wbuser -a username UID # Adds a winbind mapping for the specified # Windows username to the specified UNIX UID. wbuser -r username # Removes the winbind mapping for the # specified user. Here are a couple of example command lines: # wbuser -a aduser5 90001 wbuser: Add successful for aduser5, UID 90001, SID S-1-4-22-2152111302-790524478-839622115-109641. # # wbuser -l Username UID SID AD1+aduser1 90002 S-1-4-22-2152111302-790524478-839622115-104315 AD1+aduser2 90003 S-1-4-22-2152111302-790524478-839622115-104316 AD1+aduser3 90004 S-1-4-22-2152111302-790524478-839622115-104317 AD1+aduser4 100002 S-1-4-22-2152111302-790524478-839622115-104318 AD1+aduser5 90001 S-1-4-22-2152111302-790524478-839622115-109641 AD1+aduser6 100101 S-1-4-22-2152111302-790524478-839622115-109642 AD1+aduser7 90010 S-1-4-22-2152111302-790524478-839622115-109643 PLATFORMS --------- wbuser has been written for portability to most UNIX systems. It's been tested on the following platforms: - Solaris - versions 8 through 9 CHANGES ------- You're not required by the license to submit changes back to the source, but I'd appreciate portability improvements or enhancements of general applicability. You can email new versions or contextual diffs ("diff -c old_file new_file") to . Some things to keep in mind if you do this: - Formatting - I use tabs for indentation, and sometimes to align code segments for readability. Please do the same. - Please don't use NotePad or some other Windows editor to make changes. Or if you do, get rid of the DOS linefeeds before submitting changes. - Please try to follow the formatting conventions established in the existing code. - Readability - Usually, I will trade off efficiency (of running time or of development time) in favor of readability. - Insert meaningful comments where appropriate. - Portability - All shell scripts are Bourne-compatible. I won't use shell- specific constructs from bash, ksh, etc. - Don't use OS-specific features, pathnames, etc., unless they're guarded by code checking the OS version, or they're in user-settable variables toward the top of the script. CONTRIBUTORS ------------ Leon Towns-von Stauber Enjoy! Copyright (c) 2005-2006. All rights reserved. See the LICENSE file distributed with this code for restrictions on its use and further distribution. Original distribution available at .