sss_rpcidmapd man page

sss_rpcidmapd — sss plugin configuration directives for rpc.idmapd

Configuration File

rpc.idmapd configuration file is usually found at /etc/idmapd.conf. See idmapd.conf(5) for more information.

Sss Configuration Extension

Enable SSS plugin

In section “[Translation]”, modify/set “Method” attribute to contain sss.

[sss] config section

In order to change the default of one of the configuration attributes of the sss plugin listed below you will need to create a config section for it, named “[sss]”.

Configuration attributes

memcache (bool)

Indicates whether or not to use memcache optimisation technique.

Default: True

Sssd Integration

The sss plugin requires the NSS Responder to be enabled in sssd.

The attribute “use_fully_qualified_names” must be enabled on all domains (NFSv4 clients expect a fully qualified name to be sent on the wire).


The following example shows a minimal idmapd.conf which makes use of the sss plugin.

Verbosity = 2
# domain must be synced between NFSv4 server and clients
# Solaris/Illumos/AIX use "localdomain" as default!
Domain = default

Nobody-User = nfsnobody
Nobody-Group = nfsnobody

Method = sss

See Also

sssd(8), idmapd.conf(5)


Noam Meltzer
Primary Data Inc.

Developer (2013-2014)

Noam Meltzer <>

Developer (2014-)

Referenced By

idmap_sss(8), pam_sss(8), sss_cache(8), sssctl(8), sssd(8), sssd-ad(5), sssd.conf(5), sss_debuglevel(8), sssd-files(5), sssd-ifp(5), sssd-ipa(5), sssd-krb5(5), sssd_krb5_locator_plugin(8), sssd-ldap(5), sssd-simple(5), sssd-sudo(5), sss_groupadd(8), sss_groupdel(8), sss_groupmod(8), sss_groupshow(8), sss_obfuscate(8), sss_override(8), sss_seed(8), sss_ssh_authorizedkeys(1), sss_ssh_knownhostsproxy(1), sss_useradd(8), sss_userdel(8), sss_usermod(8).

05/01/2017 sss rpc.idmapd plugin File Formats and Conventions