Help on Access > Membership & Roles > User Mapping

The following information and controls appear on Access > Membership & Roles > User Mapping.

Current Access Zone
Specifies the access zone that contains the user mapping rules you want to view or manage.
Edit User Mapping Rules
Opens a dialog box that enables you to create and edit user mapping rules.
Create a User Mapping Rule
Opens a dialog box that enables you to create a new user mapping rule.
Operation
Specifies the type of action that OneFS should perform when the mapping rule is invoked. OneFS supports several operations; which operation you select determines the rule attributes you must provide. Select from the following operations:
Insert fields from a user
Copies selected identity fields from one user and inserts it in the access token of another user.
Insert Fields into this User
Specifies the target user; the copied identity fields are inserted into this user's access token.
Insert these Fields
Specifies one or more identity fields to be copied from the source user and inserted into the target user's access token.
Insert primary user SID and UID
Copies the source user's primary user SID and UID and inserts them into the target user's access token. The copied SID and UID become the new primary user IDs, and previous primary user IDs are moved to the list of additional identifiers.
Insert primary group SID and GID
Copies the source user's primary group SID and GID and inserts them into the target user's access token. The copied SID and GID become the new primary group IDs, and previous primary group IDs are moved to the list of additional identifiers.
Insert supplemental groups
Copies the list of additional groups the source user belongs to and inserts them into the target user's access token.
Insert Fields from this User
Specifies the source user; the selected identity fields are copied from this user and inserted into the target user's access token.
Append field from a user
Copies selected identity fields from one user and appends them as supplemental identities to the access token of another user.
Append Fields to this User
Specifies the target user; the copied identity fields are appended to this user's access token.
Append these Fields
Specifies one or more identity fields to be copied from the source user and appended to the target user's access token.
Append primary user SID and UID
Copies the source user's primary user SID and UID and appends them to the target user's access token.
Append primary group SID and GID
Copies the source user's primary group SID and GID and appends them to the target user's access token.
Append supplemental groups
Copies the list of additional groups the source user belongs to and appends them to the target user's access token.
Append Fields from this User
Specifies the source user; the selected identity fields are copied from this user and appended to the target user's access token.
Replace one user with a different user
Replaces a user's access token with the access token attributes of another user. Lookups of the target user's original user name returns only the token details from the source user.
Replace User
Specifies the target user; the access token details of this user are replaced with the token details of the source user.
With User
Specifies the source user; access token details are copied from this user to replace the token details of the target user.
Remove supplemental groups from a user
Deletes all supplemental groups from a user's access token.
Remove from this User
Specifies the user whose access token should be modified to remove supplemental groups.
Join two users together
Merges access token attributes between two specified users. The order in which the user's are specified is important.
Join this User
Specifies the first user. This user retains it's primary user and group attributes, and all of the attributes from the second user is appended in the first user's supplemental identities list.
With this User
Specifies the second user. The primary user and group attributes of this user are moved to the supplemental identities list and replaced with the primary attributes of the first user. The supplemental identities from the first user are merged into the second user's supplemental identities list.
Browse
Opens a dialog box that enables you to search for users the mapping rule will apply to.
Search for
Specifies the type of account you want to search for.
Users
Specifies a search for a user account.
Groups
Specifies a search for a group account. You can add an entire group, and thereby all of its members, to another group.
Well-known SIDs
Specifies a search for all accounts with well-known SIDs in the system.
Username
Specifies the name of the user account you want to search for.
Group Name
Specifies the name of the group account you want to search for.
Access Zone
Specifies the access zone associated with the account you want to search for.
Provider
Specifies the authentication provider associated with the account you want to search for.
Search
Initiates a search based on the provided criteria.
Search Results
Displays a table of user or groups by name that best match the search criteria.
Name
Name of the user or group account.
Full Name
Full name, if available, of the user or group account.
Description
Description, if available, of the user or group account.
Select
Adds the user or group selected from the search results to the field the request originated from.
If lookup fails, use this default user
Specifies a default user account OneFS should use if the specified source or second user cannot be found when processing a rule that appends, inserts, replaces, or joins attributes between two users. OneFS will use the access token information from the default user instead.
Stop processing if rule matches
Specifies that OneFS should stop processing subsequent rules in the table if the current rule is matched. Mapping rules are processed in the order in which they appear in the table of rules.
Add Rule
Saves the mapping rule parameters and adds the rule to the table of mapping rules.
User Mapping Rules
Table that displays user mapping rules that you have just created. These rules do not go into effect until you save the changes.
Select an action
Lists actions that can be applied to multiple user mapping rules simultaneously.
Remove rules
Bulk action that deletes from the system each user mapping rule whose check box has been selected.
Order
Mapping rules are processed in the order in which they appear in the table. Click up and down arrows to place user mapping rules in the order in which you want them to be processed.
Description
Displays a description of the user mapping rule.
On Rule Match
Displays whether the user mapping rule stops processing on match or not.
Stop
Indicates that OneFS should stop processing subsequent rules in the table if the current rule is matched.
Continue
Indicates that OneFS should continue to process subsequent rules in the table whether or not the current rule is matched.
Actions
Displays actions you can apply to the user mapping rule.
Edit Rule
Opens a dialog box from which you can modify current rule attributes.
More
Displays a list of additional actions that can be applied to the rule.
Remove Rule
Deletes the user mapping rule from the system.
Set default UNIX user parameters if no UIDs or GIDs are available
Specifies how OneFS should generate default UNIX user parameters if OneFS encounters a user without available UIDs or GIDs. Applies to all user mapping rules.
Allow OneFS to generate a primary UID and GID
Specifies that OneFS should automatically supply a primary UID and GID
Deny access with the following error: no such user
Specifies that OneFS should deny access to the user and display an error that no such user exists.
Designate the following user as the default UNIX user
Enables you to browse for and select a user as the default UNIX user.
User Mapping Rules
Table that displays all user mapping rules in the current access zone.
Apply Order
Indicates the order in which OneFS will process the user mapping rules.
Rule Type
Indicates the type of operation that OneFS should perform when the mapping rule is invoked. Valid values are:
  • Insert
  • Append
  • Replace
  • Remove
  • Join
Description
Displays a description of the user mapping rule.
On Rule Match
Displays whether the user mapping rule stops processing on match or not.
Stop
Indicates that OneFS should stop processing subsequent rules in the table if the current rule is matched.
Continue
Indicates that OneFS should continue to process subsequent rules in the table whether or not the current rule is matched.
Test User Mapping
Enables you to test the results of a user mapping rule.
User, Group, or Well-known SID
Specifies the user you want to view results for.
Test Mapping
Click to generate the results of the user mapping rule. The system displays the selected user's access token as it would appear if the rule was applied.