sss_rpcidmapd - Man Page

sss plugin configuration directives for rpc.idmapd

Configuration File

rpc.idmapd configuration file is usually found at /etc/idmapd.conf. See idmapd.conf(5) for more information.

SSS Configuration Extension

Enable SSS plugin

In section “[Translation]”, modify/set “Method” attribute to contain sss.

[sss] config section

In order to change the default of one of the configuration attributes of the sss plugin listed below you will need to create a config section for it, named “[sss]”.

Configuration attributes

memcache (bool)

Indicates whether or not to use memcache optimisation technique.

Default: True

SSSD Integration

The sss plugin requires the NSS Responder to be enabled in sssd.

The attribute “use_fully_qualified_names” must be enabled on all domains (NFSv4 clients expect a fully qualified name to be sent on the wire).

Example

The following example shows a minimal idmapd.conf which makes use of the sss plugin.

[General]
Verbosity = 2
# domain must be synced between NFSv4 server and clients
# Solaris/Illumos/AIX use "localdomain" as default!
Domain = default

[Mapping]
Nobody-User = nfsnobody
Nobody-Group = nfsnobody

[Translation]
Method = sss

See Also

sssd(8), idmapd.conf(5)

Authors

Noam Meltzer
Primary Data Inc.

Developer (2013-2014)

Noam Meltzer <tsnoam@gmail.com>

Developer (2014-)

Referenced By

idmap_sss(8), pam_sss(8), pam_sss_gss(8), sss_cache(8), sssctl(8), sssd(8), sssd-ad(5), sssd.conf(5), sss_debuglevel(8), sssd-ifp(5), sssd-ipa(5), sssd-krb5(5), sssd_krb5_localauth_plugin(8), sssd_krb5_locator_plugin(8), sssd-ldap(5), sssd-ldap-attributes(5), sssd-session-recording(5), sssd-simple(5), sssd-sudo(5), sssd-systemtap(5), sss_obfuscate(8), sss_override(8), sss_seed(8), sss_ssh_authorizedkeys(1), sss_ssh_knownhostsproxy(1).

01/31/2024 sss rpc.idmapd plugin File Formats and Conventions