Hi,
We have been using Active Directory for single sign-on with our Solaris systems. Our AD has all the Unix attributes (POSIX) in it: UID, GID, etc.
But we may need to change to the Corporate AD, which will not have any Unix attributes in it for our department (3000 users). So, I have to map AD SID/Username to Unix UID??? We are still hoping that we can be a trusted AD (or whatever it is called).
Current setup which uses AD/LDAP (ref http://notallmicrosoft.blogspot.com/2012/10/solaris-11-authentication-login-with.html ):
Solaris SMB & NFS
idmap
ldapclient (i.e. attributeMap=passwd:uidnumber=uidNumber)
ldap_cachemgr
Current setup has been running for about 10 years and I do not want to return to messing round with it again, since it gives me too many grey hairs.. So, before I start reading the manuals again, I am hoping to save a bit of time by asking here..
Cheers,
Andrew