[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?
steve
steve at steve-ss.com
Tue Aug 13 04:03:24 MDT 2013
On Tue, 2013-08-13 at 10:06 +0200, Markus Gillmeister wrote:
> Steve, thanks a lot, I finally got sssd (version 1.8.4) on debian wheezy
> working with samba 4 (Version 4.0.8-SerNet-Debian-5.wheezy)!
>
> But one last question regarding unix attributes in the AD stays: I noticed
> that uidnumber/gid... is not written back to the active directory when
> creating a user or group. I set "idmap_ldb:use rfc2307 = yes" in my
> smb.conf, but it seems that samba-tool is ignoring this. Is this a bug?
>
> At http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html I
> see a script that wraps around the "samba-tool" when creating a user. After
> creating it asks winbind for uid/gid and writes these information back to
> AD. This seems fine as workaround but it would be nice if samba-tool does
> this out-of-the-box or?
>
Hi
You have to add the attribute yourself on 4.0.8 and earlier. That's what
our scripts do. It's unfortunate that samba-tool doesn't do this. The
devs use a non AD solution for rfc2307. There is some better news: the
new RC's and master have e.g.
samba-tool user add steve [...] --uid-number=12345678
which does add the necessary attribute to AD
I'd recommend using the latest version of sssd. It has native support
for AD and loads of other goodies such as dynamic dns. Although it's
non-trivial building it on Debian, it would be worth the effort.
Many congrats on getting 1.8.4 working however.
Cheers,
Steve
More information about the samba
mailing list