6.5 HP StoreAll OS User Guide
NOTE: You have the option to configure a dynamic username script, a static username map,
or both while pre-configuring the username mapping solution. If you decide to configure both,
when you enable username mapping, you must determine which will be called first (dynamic
username script or static username map). If both are configured, dynamic username mapping
is designated to run first, and the output produces a valid Linux username, the static map will
not be referenced unless remapping is enabled. The same is true if static username mapping
is designated first and produces a valid Linux username output.
• For static username mapping: Create the configuration file, in which the CIFS users will
be mapped to POSIX users. Store the static username mapping file in an accessible
location and keep note of the location. The static file path and name is needed when you
enable username mapping with the ibrix_usernamemapping command.
In this configuration file, you pre-define the valid Linux user name by indicating both the
Windows name and the Linux name, separated by the = character. When this file is
configured, the solution will match the client-supplied Windows user name to one of the
configured Windows users listed in the map file; when a Windows group is configured
in the static map, the user name is compared to members of the Windows group. The
Linux name on the left of the = separator will then be returned and used in place of the
supplied Windows name.
The following are examples of line items in the static username map file:
◦ Single item entry:
LinuxUser = DOM\windowsUser
◦ Multiple item entry, including a group:
LinuxUser = DOM\windowsUser
LinuxUser2 = DOM\windowsUser2 “DOM\windows User3” &DOM\WindowsGroup1 LinuxUser
In the second example, a space character is used as a separator between names,
and the & character indicates that the name that follows it is a group. When a group
is found, the solution compares the Windows username supplied by the client with
the member of the group specified.
There must be only one Linux username on the left side of the = character. Note that
the second configuration line also contains the LinuxUser from the first line. This
causes the name to be remapped from LinuxUser to LinuxUser2. This means if
the client-supplied name was DOM\windowsUser, it would be remapped to
LinuxUser2. If the client supplied name was a member of the group
DOM\WindowsGroup1, the user would be assigned LinuxUser2.
◦ Multiple item entry, remapping example:
!LinuxUser=DOM\windowsUser
LinuxUser2 = DOM\windowsUser2 “DOM\windows User3” &DOM\WindowsGroup1 LinuxUser
In this example, the LinuxUser is prefixed with a ! character. This indicates that
the mapping should be terminated if there is a match on this line. This means that if
the client provided DOM\windowsUser, the name LinuxUser would not be
remapped and the session would be set up with the user LinuxUser.
• For dynamic username mapping: Create a script (such as a bash script using IV editor)
that defines mapped POSIX users for a CIFS user. This script takes the Windows username
as an input parameter and then produces a valid Linux username as output.
Following are examples of the common uses of dynamic username mapping:
◦ Scripting a general name change: For example, if all Linux user names are input as
I.swift and all Windows user names are input as Iswift, you can write a script
HP-SMB user name mapping 109