Cross Domain Mapping
DataCore vFilO provides a mapping service between separate Windows and Linux domains to enable users with accounts in both domains to securely access their files. This is typically only used when the domains are completely separate. For User Mapping within the same domain, refer to User Mapping between Windows and Linux.
- Join the Active Directory by following the steps in the previous section. Cross-domain mapping is not supported without joining Active Directory.
- Create mappings between domains. The example below creates a bidirectional map between the lin.ad.test and win.ad.test domains:
# domain-idmap-add --from lin.ad.test --to win.ad.test --attribute TestLNXWindowsAccountName --bidirectional
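Repeat this step as needed to create additional cross-domain mappings.
- When creating shares that will be accessed by users from different domains, use the --preferred-domain option to select the preferred domain for the share. The export option in the example below (*,rw,no-root-squash) allows read-write access from any client with root squashing disabled; narrow it to the client addresses that need access.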
# share-create --export-option *,rw,no-root-squash --preferred-domain win.ad.test --path /win1 --create-path --name win1
- To remove a preferred domain from an existing share:
# share-update --name win1 --preferred-domain-clear
- To apply a preferred domain to an existing share:
# share-update --name win1 --preferred-domain lin.ad.test
- The domain mapping rules are updated periodically. To reload the rules immediately:
# domain-idmap-reload
- To review the cross domain
# domain-idmap-list
total 1
ID: 64064507-7236-4ae7-9e4d-23320293ab6f
From: lin.ad.test
Inherit From: false
To: win.ad.test
Inherit To: false
Attribute: TestLNXWindowsAccountName
Bidirectional: false
Order: 1
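
A check for the review step, as an added example that is not part of the DataCore documentation: it parses a saved copy of the domain-idmap-list output and reports whether a domain pair is covered in each direction. It assumes one "Key: value" pair per line and that a record with Bidirectional: true covers both directions; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit a saved copy of `domain-idmap-list` output.
# Assumption: one "Key: value" pair per line, each record starting with "ID:".

# Constructed sample, modelled on the listing shown on this page.
sample_listing() {
cat <<'EOF'
total 1
ID: 64064507-7236-4ae7-9e4d-23320293ab6f
From: lin.ad.test
Inherit From: false
To: win.ad.test
Inherit To: false
Attribute: TestLNXWindowsAccountName
Bidirectional: false
Order: 1
EOF
}

# idmap_records: listing on stdin -> one "from|to|attribute|bidirectional"
# line per mapping record.
idmap_records() {
  awk '
    function emit() { if (id != "") print from "|" to "|" attr "|" bidir }
    {
      p = index($0, ":")
      if (p == 0) next                 # skips the "total N" header
      key = substr($0, 1, p - 1)
      val = substr($0, p + 1)
      gsub(/^[ \t]+|[ \t\r]+$/, "", val)
      if (key == "ID") { emit(); id = val; from = to = attr = bidir = "" }
      else if (key == "From") from = val
      else if (key == "To") to = val
      else if (key == "Attribute") attr = val
      else if (key == "Bidirectional") bidir = val
    }
    END { emit() }
  '
}

# idmap_covers FROM TO: exit 0 if a record maps FROM -> TO directly, or maps
# TO -> FROM with Bidirectional: true (assumed to cover both directions).
idmap_covers() {
  idmap_records | awk -F'|' -v f="$1" -v t="$2" '
    $1 == f && $2 == t { ok = 1 }
    $1 == t && $2 == f && $4 == "true" { ok = 1 }
    END { exit !ok }
  '
}
```

To use it, save the listing to a file and run `idmap_covers win.ad.test lin.ad.test < saved_listing.txt`; a non-zero exit status means no listed record covers that direction.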