In classic SFU-compliant zones, UNIX-specific group attributes are stored as part of the Active Directory group object.
| Group attribute | Stored in Active Directory attribute |
|
UnixName |
MSSFU30Name:GroupName For example: MSSFU30Name:performx |
|
Gid |
MSSFU30GidNumber:value For example: MSSFU30GidNumber:458 |
|
NisDomain |
MSSFU30NisDomain:value This attribute must be defined. Centrify uses this setting to determine if the group is a member of the zone. When you create SFU-compliant zones, you must specify the NIS domain name that should be included. For example, you can configure zone_bejing to include all users and groups whose NIS domain attribute is set to nisbejing. For example: MSSFU30NisDomain:nisbejing.local |
|
UnixEnabled |
Not supported. |
Note: The Microsoft Services for UNIX schema extension supports group membership as an attribute of the group object in the same way the RFC 2307-compliant schema does. Centrify does not use this attribute, however. Centrify uses Active Directory group membership to identify group members.
Doc Feedback