Reverse mapping

Server for NFS uses reverse mapping to map permissions between a security descriptor on the Server for NFS computer and a UID/GID/Mode triplet on the NFS client. To specify a mapping between the UNIX client user identifier (UID) and group identifier (GID) and their corresponding Windows users and groups, use the User Name Mapping administration in Services for UNIX Administration.

A given UID can be mapped to any Windows user. This mapping specifies the UID or GID to use when a mapped user or group is found to be the owner of a file. If the given UID is not mapped, the Anonymous logon account is used. Results can be unpredictable when this happens. All UIDs should be mapped to a valid Windows account.

A given GID can be mapped to any Windows group. If the given GID is not mapped, a group entry for NullGroup is placed in the discretionary access control list (DACL).

Reverse-mapping examples

In the examples, assume the following client and server configurations:

• In example 1, Client1 has UID 10 and is mapped to Windows user NtUser1.
• In example 2, Client2 has UID 20 and is mapped to Windows user NtUser2.
• In example 3, Client1 is a member of group AppGroup1 (GID 15), which is mapped to Windows group NtGroup1.
• In example 4, Client2 is a member of group AppGroup2 (GID 25), which is mapped to Windows group NtGroup2.
• In example 5, the group adm is mapped to Windows group Administrators.