Zone attributes in classic SFU-compliant zones
The zone object class and its attributes in the classic SFU zone are similar to the classic Centrify zone, except that the zone must also include the NIS domain name and domain attributes. Like the classic Centrify zones, the zone object is stored as a container object, and the common name (cn) of the object must be set to the zone name. Most of the other attributes for a zone are stored as pseudo-attributes using the Active Directory description attribute.
The following table summarizes how zone attributes are stored in Active Directory for SFU-compliant zones. For more information about any attribute setting, see Zone attributes in classic Centrify zones.
Zone attribute | Stored in Active Directory attribute |
ZoneName |
cn:ZoneName For example: cn:default |
ZoneVersion |
displayName:ZoneVersion The only valid value is $CimsZoneVersion2. For example: displayName:$CimsZoneVersion2 |
Description |
description:description:value For example: description:description:Pilot EMEA |
NextUid |
description:uidnext:value For example: description:uidnext:12098 |
NextGid |
description:gidnext:value For example: description:gidnext:12098 |
ReservedUids |
description:uidreserved:value For example: description:uidreserved:0-99:501 |
ReservedGids |
description:gidreserved:value For example: description: gidreserved:1000-2500 |
Availableshells |
description:availableshells:value For example: description:availableshells:/bin/sh |
DefaultHomeDirectory |
description:defaulthome:value For example: description:defaulthome:/nfs/${user} |
DefaultShell |
description:defaultshell:value For example: description:defaultshell:/bin/bash |
DefaultGroup |
description:defaultgid:value For example: description:defaultgid:12098 |
ZoneType |
description:schema:Dynamic_Schema_Version The only valid value for SFU zones is:
For example: description:schema:SFU_3_0 |
NisDomain |
description:Nisdomain:value This attribute describes the NIS domain for that defines the scope of the zone. For more information about this setting, see the User object attributes. For example: description: Nisdomain:XXX |
SFUDomain |
description:Sfudomain:value The SFU domain contains the users and groups. The members of an SFU domain can only come from one domain. For example: description:Sfudomain:mfg.ajax.org |