[Samba] Some Clarification?
Stuart Sheldon
stu at actusa.net
Sat Apr 13 11:26:28 MDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Thanks Steve!
This is exactly what I'm looking for. As for my plan on pulling in the
user base? I'm not sure yet... I'm thinking of re-creating the Windows
users via samba-tool, now that I have a better grip on how the posix
entries work, maybe I'll try using ldapmodify to add the posix stuff.
I'll keep the list informed as I progress.
Thanks Again to all that work on this project, and all that help the
lowly users...
Stu
On 04/13/2013 09:28 AM, steve wrote:
> On 13/04/13 18:06, Stuart Sheldon wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Thanks for the response Andrew,
>>
>> Using ad for my idmap sounds like what I'm looking for. I'm having
>> problems finding how I add the map ids to the AD manually for new users.
>> Could you direct me to some information regarding cli tools to do that?
>>
>> Thanks Again,
>>
>> Stu
> Hi
> If you want to do it manually e.g. to add a domain user called steve2:
>
> samba-tool user add steve2
> (enter the passwords)
>
> then edit the record:
> ldbedit --url=/usr/local/samba/private/sam.ldb cn=steve2
>
> You can use any editor:
>
> ldbedit -e gedit --url=/usr/local/samba/private/sam.ldb cn=steve2
>
> Here is a fully loaded domain user with the rfc2307 objects and
> attributes added you need to forget about idmap altogether:) With this
> lot, he's good for both Linux and windows clients.
>
> # editing 1 records
> # record 1
> dn: CN=steve2,CN=Users,DC=hh3,DC=site
> cn: steve2
> instanceType: 4
> whenCreated: 20130412075527.0Z
> uSNCreated: 3737
> name: steve2
> objectGUID: 1fb4f5fe-11db-47da-a3d7-962717a81881
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> badPasswordTime: 0
> lastLogoff: 0
> lastLogon: 0
> primaryGroupID: 513
> objectSid: S-1-5-21-1555648365-2472922434-3126067274-1106
> logonCount: 0
> sAMAccountName: steve2
> sAMAccountType: 805306368
> userPrincipalName: steve2 at hh3.siteHere is a fully loaded domain user
> with thfor both Linux and windows clients. You can any editor:e rfc2307
> objects and idmap attributes added. With this lot, he's good for both
> Linux and windows clients.
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=hh3,DC=site
> pwdLastSet: 130102269270000000
> userAccountControl: 66048
> accountExpires: 0
> uidNumber: 3000034
> gidNumber: 20513
> unixHomeDirectory: /home/users/steve2
> loginShell: /bin/bash
> objectClass: top
> objectClass: posixAccount
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> profilePath: \\hh16\profiles\steve2
> homeDrive: Z:
> homeDirectory: \\hh16\users\steve2
> whenChanged: 20130412075530.0Z
> uSNChanged: 3743
> distinguishedName: CN=steve2,CN=Users,DC=hh3,DC=site
>
> Note: you'll soon get bored adding all the extra stuff but it's easy to
> write a script to automate it.
>
> You need to tell Samba to use AD in the [global] section of smb.conf:
> idmap_ldb:use rfc2307 = Yes
>
> As a matter of interest, how do you plan on pulling the id info from the
> database?
> hth
> Steve
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJRaZVEAAoJEFKVLITDJSGSvpwP/jiBs8fpb65QHv4Msy3q+xI6
/var0IuHL3O/kWCknJJRNb66G71xWJGWs2QHTY+gI9eKc1c3XxGcQHu9nxbDA//Z
3W0bXx4fmmIBOXZgHcjA5wCffakkn9gWjnoH660ZasPYVtv9v8w7ArcmHoMmk1Lc
Hl8bH3ZIIhvNF85lcQuN7/CG5bA/Ha4HRTAzgib3kVgsu1iuvUg/uS03kY/NdsuB
2wsnMoA/qbseh5jEqKrwdiFW+3Oc+4bp3sLA3tCAFcGHAu0X4G3q+dV5V8JEgZy6
La1XL4dU0fOTJbSiHGNOrZN7x+4JsZ98f/uAUdjyxgZIYlEBwL9KuVuoKdLn8wu0
xZMVO25lsjO7jxC1AIz2Ojwh91NjDV+bZiBCfyHPXJ0iWrlfaWBJXot+rhCuUsTb
xa/iUq/+T64FWdRXtkUQyv4JLmduRqWivAVQuNW3tXcilrliLLQ8YxtXxkrOZNu7
hSlnK2yIabSCtGjV81VxzUc2SC4y4AtdmbinC8mUM7MJ0WtE648ACQXGyeLjAhw+
w+BZnIvj5TtxT5J+QfcJW7JySUyo9gfNQ9gucUQpPpJKIz9qaRd2MX/wcPitS1Y3
ZrI4VtiZEXaO54Jicpqf2mMVDMvC6mk7w+dU0nELW/6tyHoA4zcfNYK3lURDHF7G
Pzart45F4KaMmjvM5iMY
=4Vau
-----END PGP SIGNATURE-----
More information about the samba
mailing list