Microsoft KB Archive/269736

= User name mapping performs one-to-many mappings in a single direction only =

Article ID: 269736

Article Last Modified on 11/1/2006

-

APPLIES TO


 * Microsoft Windows Services for UNIX 3.5
 * Microsoft Windows Services for UNIX 3.0 Standard Edition
 * Microsoft Windows Services for Unix 2.3
 * Microsoft Windows Services for Unix 2.2
 * Microsoft Windows Services for UNIX 2.1
 * Microsoft Windows Services for UNIX 2.0 Standard Edition
 * Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
 * Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
 * Microsoft Windows Server 2003 R2 Enterprise x64 Edition
 * Microsoft Windows Server 2003 R2 Standard x64 Edition
 * Microsoft Windows Server 2003 R2 Datacenter x64 Edition
 * Microsoft Windows Storage Server 2003

-



This article was previously published under Q269736



SUMMARY
This article discusses the User Name Mapping component of Microsoft Windows Services for UNIX. The User Name Mapping component can perform one-to-many mapping, but User Name Mapping can perform this task only one way, from a Windows-based computer to a UNIX-based computer.



MORE INFORMATION
You can map a Windows-based account to a single UNIX-based account, but not the reverse. When you map a Windows-based account to a UNIX-based account, it cannot be mapped to any other UNIX-based account, but you can only map the same UNIX-based account to multiple Windows-based accounts in one direction. The following illustration clarifies this behavior:

Illustration 1a: Mapping multiple Windows users to a single UNIX account (valid)

Illustration 1b: Mapping multiple Windows groups to a single UNIX group (valid)

The following illustrations demonstrate what you cannot do:

Illustration 2a: Mapping Multiple UNIX accounts to a single Windows user (invalid)

Illustration 2b: Mapping multiple UNIX groups to a single Windows group (invalid):

This behavior is by design. The group or user to which you are mapping contains the User Identifier (UID) or Group Identifier (GID) that you want to impersonate.

Note You cannot map one-to-many relationships from a UNIX-based computer to a Windows-based computer.

When you map multiple Windows users or groups to a single UNIX user or group, you have to designate one of mappings as primary. This primary mapping is used when the UNIX account or group is mapped back to a Windows account or group. For example, this mapping is used when a UNIX client uses NFS to write a file. By default, the first mapping that is created is automatically designated as the primary mapping. To set a different mapping as the primary mapping, use the Services for UNIX administration console. Or, use the -setprimary flag with the Mapadmin.exe file when you create the mapping.

Keywords: kbinfo KB269736

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.