[Samba] Create Organizational units (OU) from Unix.

Rowland Penny rowlandpenny at googlemail.com
Tue Sep 23 01:39:56 MDT 2014 

On 23/09/14 06:55, Prunk Dump wrote:
> 2014-09-22 19:22 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>:
>> On 22/09/14 17:32, Prunk Dump wrote:
>>> Hello,
>>>
>>> Is there a way to create an OU (in the AD sence) from Unix with the
>>> samba tools ?
>>>
>>> I have made a script that create all my users and groups (for a
>>> school). But I still need to create the OUs manually from windows with
>>> RSAT.
>>>
>>> Thanks.
>>>
>>> Baptiste.
>> You need to script around an ldif similar to this:
>>
>> dn: OU_PATH,dc=example,dc=com
>> changetype: add
>> objectClass: top
>> objectClass: organizationalunit
>>
>> You then add this with ldbmodify, but with one proviso, you can only create
>> one OU at a time unless you do it with multiple stanzas
>> i.e. using a DN of ou=secondou,ou=firstou,dc=home,dc=com would fail unless
>> ou=firstou,dc=home,dc=com already existed, but an ldif such as:
>>
>> dn: firstou,dc=example,dc=com
>> changetype: add
>> objectClass: top
>> objectClass: organizationalunit
>>
>> dn: ou=secondou,ou=firstou,dc=example,dc=com
>> changetype: add
>> objectClass: top
>> objectClass: organizationalunit
>>
>>   would work as firstou would be created before secondou.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
> Thank you very much ! I have just some other questions :
>
> The OU need to be created only in sam.ldb ? and do you know if an OU
> created like this will be compatible with  RSAT ? There are no more
> information stored in the LDB database when the OU is created from
> RSAT ?
Sorry, yes you need to create this in sam.ldb i.e.

ldbmodify --url=/path/to/sam.ldb /path/to/ldif

The only other attribute that RSAT (ADUC) adds is 'description', you can 
add this if you like.

Rowland

> Thank you again for your help. It will be possible for me now to
> complete my scipts to manage my AD completely automatically !
>
> Thanks !
>
> Baptiste.

More information about the samba mailing list