Auto-generated ID mappings

Auto-generated ID mappings are the default. If no explicit mappings are created by the system administrator in the Active Directory by using RFC 2307 attributes, all mappings between security identifiers (SIDs) and UNIX IDs will be created automatically by using a reserved range in UNIX ID space.

Note: If you have a mix of GPFS running on Windows and other Windows clients by accessing the integrated SMB server function, the ability to share data between these clients was not tested or validated. With protocol support, the SMB server might also be configured to automatically generate ID mapping. If you want to ensure that SMB users do not access data (share ID mapping) with Windows users, ensure that the automatic range for SMB server is different from this range. The range of IDs automatically generated for the SMB server can be controlled by mmuserauth.

Unless the default reserved ID range overlaps with an ID already in use, no further configuration is needed to use the auto-generated mapping function. If you have a specific file system or subtree that are only accessed by user applications from Windows nodes (even if AIX® or Linux® nodes are used as NSD servers), auto-generated mappings are sufficient for all application needs.

The default reserved ID range that is used by GPFS starts with ID 15,000,000 and covers 15,000,000 IDs. The reserved range should not overlap with any user or group ID in use on any AIX or Linux nodes. To change the starting location or the size of the reserved ID range, use the following GPFS configuration parameters:

sidAutoMapRangeLength: Controls the length of the reserved range for Windows SID to UNIX ID mapping.
sidAutoMapRangeStart: Specifies the start of the reserved range for Windows SID to UNIX ID mapping.

Note: For planning purposes, auto-generated ID mappings are stored permanently with file system metadata. A change in the sidAutoMapRangeStart value is only effective for file systems that are created after the configuration change.