Manual Pages

Table of Contents


na_usermap.cfg - mappings between UNIX and Windows NT accounts and users




The usermap.cfg file explicitly maps Windows NT users to the correct UNIX account and UNIX users to the correct Windows NT account. Each line in /etc/usermap.cfg has the format:

[ IP-qual: ] [ NT-domain \] NTUser [ direction ] [ IP_qual: ] UnixUser

Lines are processed sequentially.

The following table describes the variables in the usermap.cfg file description.

An IP qualifier that the node uses to match a user. You use an IP qualifier to narrow a match. IP-qual can be a regular IP address, a host name, a network name, or a network name with a subnet specified in dot notation.

Specifies the domain to match or the domain to use for a mapped UNIX account. The default is the domain in which the node is installed.

Any user-type account name. If the name contains a space, put the name in quotation marks.

Restricts the direction of the mapping. By default, mappings are bidirectional. The three valid direction symbols are as follows: "=>" means NT to UNIX mapping only; "<=" means UNIX to NT mapping only; "==" means bidirectional mapping (use this to explicitly indicate a bidirectional mapping).

The usermap.cfg file format uses the following symbol conventions. An asterisk (*) matches any name. The null string ("") matches no name and rejects any user. You can use either spaces or tabs as separators.

Windows NT names are case-insensitive and can contain nonASCII characters within the character set in the current code page. Windows NT user names can contain spaces, in which case you must enclose the name in quotation marks. UNIX user names are case-sensitive and must be in ASCII.

This manpage is not encyclopedic. Please refer to online documentation and the System Administrator's Guide for further information.


The following usermap.cfg file ...

"Bob Garg" == bobg
mktg\Roy => nobody
engr\Tom => ""
uguest <= *
*\root => ""

maps NT user Bob Garg to UNIX user bobg and vice versa,

allows mktg\Roy to login, but only with the privileges of UNIX user nobody,

disallows login by NT user engr\Tom,

maps all other UNIX names to NT user uguest,

and disallows NT logins using the name root from all domains.

Table of Contents