Resource Central

Home
Current:(no releases)
For QAS:3.0 or later
Platforms:
  • Linux i386
  • Linux x86_64
  • Solaris sparc
  • Solaris x86
  • HP-UX pa
  • AIX ppc
Development:
  • Browse Source:
  • Git Repository:
Resources:ChangeLog
License:Resource Central

Quest's Samba Identity Mapper (vasidmap) provides Samba servers with accurate identity information for Unix-enabled Active Directory users to ensure proper file system access controls for Samba servers that are joined to an Active Directory domain. Vasidmap plugs into Samba's idmap interface, resolving queries for user security information by using Quest Authentication Services' (QAS) Active Directory connections and caches. vasidmap should be used with all installations of Samba where QAS is installed — especially for servers using Authentication Services' Unix personality management feature.

Quick installation instructions

  1. Ensure that you have Samba installed; we recommend using at least version 3.3.16 of your operating system's Samba package. The Quest ID Mapper should work with samba 3.0.28+ but versions below 3.3.16 are not supported.
  2. Ensure that the host is joined to Active Directory (vastool join)
  3. Install quest-vasidmap
  4. Run the vas-samba-config script: 
    # /opt/quest/sbin/vas-samba-config
    and answer the questions asked.

Please see the installation guide for detailed instructions and troubleshooting.

FAQ

Q: Will the Quest ID Mapper work with Samba packages from my operating system vendor or compiled from source?

A: Yes, both. The Quest ID Mapper was designed to integrate with Samba to provide additional benefits to customers using Samba and Quest Authentication Services together. Please make sure you are running at least version 3.3.16 of Samba before using the Quest ID Mapper.

Q: What are the benefits of using Quest ID Mapper with Samba?

A: The Quest ID Mapper can be used on servers that are accessed by Unix-enabled users via both local (shell) access and over Samba/CIFS shares. Using the ID mapper ensures file ownership matches the user's Unix-enabled attributes. Quest ID Mapper should not be used where non-Unix-enabled users access shares because it does not allocate IDs to non-Unix-enabled users. In that case either the idmap_rid or idmap_tdb providers should be used instead of Quest ID Mapper. See the Samba HOWTO chapter on identity mapping for further information.

Download

No stable releases

Compiling the vasidmap package from source requires the Authentication Services SDK to be installed. The SDK can be found in the SDK subdirectory directory of the Quest Authentication Services Installation CD.