Zone attributes in classic SFU-compliant zones

The zone object class and its attributes in the classic SFU zone are similar to the classic Centrify zone, except that the zone must also include the NIS domain name and domain attributes. Like the classic Centrify zones, the zone object is stored as a container object, and the common name (cn) of the object must be set to the zone name. Most of the other attributes for a zone are stored as pseudo-attributes using the Active Directory description attribute.

The following table summarizes how zone attributes are stored in Active Directory for SFU-compliant zones. For more information about any attribute setting, see Zone attributes in classic Centrify zones.

Zone attribute Stored in Active Directory attribute

ZoneName

cn:ZoneName

For example:

cn:default

ZoneVersion

displayName:ZoneVersion

The only valid value is $CimsZoneVersion2.

For example:

displayName:$CimsZoneVersion2

Description

description:description:value

For example:

description:description:Pilot EMEA

NextUid

description:uidnext:value

For example:

description:uidnext:12098

NextGid

description:gidnext:value

For example:

description:gidnext:12098

ReservedUids

description:uidreserved:value

For example:

description:uidreserved:0-99:501

ReservedGids

description:gidreserved:value

For example:

description: gidreserved:1000-2500

Availableshells

description:availableshells:value

For example:

description:availableshells:/bin/sh

DefaultHomeDirectory

description:defaulthome:value

For example:

description:defaulthome:/nfs/${user}

DefaultShell

description:defaultshell:value

For example:

description:defaultshell:/bin/bash

DefaultGroup

description:defaultgid:value

For example:

description:defaultgid:12098

ZoneType

description:schema:Dynamic_Schema_Version

The only valid value for SFU zones is:

  • SFU_3_0 for the Microsoft Services for UNIX (SFU) versions 3.x or 4.x schema extension.

For example:

description:schema:SFU_3_0

NisDomain

description:Nisdomain:value

This attribute describes the NIS domain for that defines the scope of the zone. For more information about this setting, see the User object attributes.

For example:

description: Nisdomain:XXX

SFUDomain

description:Sfudomain:value

The SFU domain contains the users and groups. The members of an SFU domain can only come from one domain.

For example:

description:Sfudomain:mfg.ajax.org