idmap_nss - Man Page
Samba's idmap_nss Backend for Winbind
The idmap_nss plugin provides a means to map Unix users and groups to Windows accounts. This provides a simple means of ensuring that the SID for a Unix user named jsmith is reported as the one assigned to DOMAIN\jsmith which is necessary for reporting ACLs on files and printers stored on a Samba member server.
This example shows how to use idmap_nss to obtain the local account ID's for its own domain (SAMBA) from NSS, whilst allocating new mappings for the default domain (*) and any trusted domains.
[global] idmap config * : backend = tdb idmap config * : range = 1000000-1999999 idmap config SAMBA : backend = nss idmap config SAMBA : range = 1000-999999
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed.