This feature, also known as user mapping, allows you to associate an Active Directory user account with a local Unix user. Allowing a local user to log in to a Unix host using Active Directory credentials enables that user to take advantage of the benefits of Active Directory security and access control.
To enable a local user for Active Directory authentication
Note: To set up this local user account, see Adding a local user account.
Note: To set up this Active Directory user, see Adding an Active Directory user account.
You have now mapped a local user to an Active Directory user and the management console indicates that the local user account requires an Active Directory password to log onto the Host in the AD User column.
You can also map multiple Unix users to use a single Active Directory account using the Require AD Logon pane on the All Local Users tab.
To assign (or "map") a Unix user to an Active Directory user
(Click the  Directory button to search in a specific folder.)
Note: This task requires elevated credentials.
The Active Directory user assigned to the selected local Unix users displays in the AD User column of the All Local Users tab.
Once you have mapped a local user to an Active Directory user, you can log in to the local Unix host using your local user name and the Active Directory password of the Active Directory user to whom you are mapped.
To test the mapped user login
Click Login to log in to the Unix host with your local user account.
You just learned how to manage local users and groups from Management Console for Unix by mapping a local user account to an Active Directory user account. You tested this by logging into the Unix host with your local user name and the password for the Active Directory user account to whom you are mapped.
To Unix-enable an Active Directory group
Note: To set up this Active Directory user account, see Adding an Active Directory group account.
To Unix-enable an Active Directory user
It populates the properties with default Unix attribute values.
Note: There are additional settings that you can set using PowerShell which allows you to validate entries for the GECOS, Home Directory, and Login Shell attributes. For more information, see Use Safeguard Authentication Services PowerShell.
Once enabled for Unix, you can log on to the host with that Active Directory user's log on name and password.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. 利用規約 プライバシー Cookies Preference Center