立即与支持人员聊天
与支持团队交流

Safeguard Authentication Services 5.0.1 - Administration Guide

Privileged Access Suite for Unix Introducing One Identity Safeguard Authentication Services Unix administration and configuration Identity management Migrating from NIS Managing access control Managing local file permissions Certificate Autoenrollment Integrating with other applications Managing Unix hosts with Group Policy
Safeguard Authentication Services Group Policy
Group Policy Concepts Unix policies One Identity policies
Display specifiers Troubleshooting Glossary

Active Directory User Information file

The Active Directory User Information file contains information about Active Directory user accounts. It is produced by oat_adlookup and is passed to oat_match to create a map between Active Directory and local users.

Syntax
<AD account info> ::= [<QAS property overrides>] <user_account_list>
<QAS property overrides> ::= { 'qas-override-property: ' <override> <CRLF> }
<override> ::= <override name> '-attr-name=' <AD_attr_name>
<override name> ::= 'uid-number' |
'gid-number' |
'gecos' |
'username' |
'groupname'
<user_account_list> ::= { <user_account_record> <CRLF> }
<user_account_record> ::= <header_prop> { <CRLF> <info_prop> }
<header_prop> ::= ('dn' | 'distinguishedName') ':' {<white space>} <prop_value>
<info_prop> ::= ( <gecos-attr-name> |
<uid-number-attr-name> |
'sAMAccountName' |
'cn' |
'userPrincipalName' |
'displayName' |
'givenName' |
'sn' |
<username-attr-name> ) ':' <white space>} <prop_value>
<prop_value> ::= {<character>}
        
Sample
dn: CN=Ivan M. Petrovich,CN=Users,DC=a,DC=vmx
gecos: Ivan M. Petrovich
uidNumber: 1001
sAMAccountName: vanya
cn: Ivan M. Petrovich
userPrincipalName: vanya@a.vmx
displayName: Ivan M. Petrovich
givenName: Ivan
sn: Petrovich

Active Directory Group Information file

The Active Directory Group Information file contains information about Active Directory group accounts. It is produced by oat_adlookup and is passed to oat_match to create a map between Active Directory and local groups.

Syntax
<AD account info> ::= [<VAS property overrides>] <group account list>
<VAS property overrides> ::= { 'vas-override-property: ' <override> <CRLF> }
<override> ::= <override name> '-attr-name=' <AD_attr_name>
<override name> ::= 'uid-number' |
'gid-number' |
'gecos' |
'username' |
'groupname'
<group account list> ::= { <group account record> <CRLF> }
<group account record> ::= <header_prop> { <CRLF> <info_prop> }
<header_prop> ::= ('dn' | 'distinguishedName') ':' {<white space>} <prop_value>
<info_prop> ::= ( 'cn' |
'sAMAccountName' |
<gid-number-attr-name> |
<groupname-attr-name> ) ':' {<white space>} <prop_value>
<prop_value> ::= {<character>}
Sample
dn: CN=zenith,CN=Users,DC=a,DC=vmx
cn: zenith
sAMAccountName: zenith
gidNumber: 1002

User map file

The User map file contains mappings between Active Directory and local users. It is produced by oat_match and is passed to oat_changeowners to align file ownership.

Syntax
<user_map> ::= '#!user' { <CRLF> <map_entry> }
<map_entry> ::= <unix_entry_value> { <white_space> } <ad_entry_value>
<ad_entry_value> ::= <entry_value>
<unix_entry_value> ::= <entry_value>
<entry_value> ::= <identifier> '(' [ <user_name> ] ')'
<identifier> ::= <digit> { <digit> }
<user_name> ::= <character> { <character> }
Sample
#!user
1001(testmigr) 1001(vanya)
500(alex) 1000(alex)
10003(masha) 1002(mpetrova)

Group map file

The Group map file contains mappings between Active Directory and local groups. It is produced by oat_match and is passed to oat_changeowners to align file ownership.

Syntax
<group_map> ::= `#!group` { <CRLF> <map_entry> }
<map_entry> ::= <unix_entry_value> { <white_space> } <ad_entry_value>
<ad_entry_value> ::= <entry_value>
<unix_entry_value> ::= <entry_value>
<entry_value> ::= <identifier> '(' [ <group_name> ] ')'
<identifier> ::= <digit> { <digit> }
<group_name> ::= <character> { <character> }
Sample
#!group
1002(grp1) 1001(grp1)
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级