Unable to add posixAccount objectclass to AD user
Andrew Bartlett
abartlet at samba.org
Wed Dec 9 14:51:00 MST 2009
On Wed, 2009-12-09 at 22:53 +0200, Sassy Natan wrote:
> Did u manage to fix it?
> It seems when I first check the posix account it was working (on
> alpha10 and 9). But I was mistaken.
> I can't add a posix account and I can tell why? Any Solution?
>
> The only work around I could do was to create the following attribute
> and work via ADUC with the unix extension on it
>
> Just create the following:
> 1. 'CN=ypServ30,CN=RpcServices,CN=System,DC=domain,DC=local' as
> objectClass: top; container;
> 2. CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=local,DC=local;
> as objectClass: top; container;
> 3. CN=domain,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=boxit,DC=local'
> as objectClass: top; msSFU30DomainInfo; and add to the object this:
>
> 1> msSFU30OrderNumber: 10000;
> 1> msSFU30MasterServerName: DC;
> 1> msSFU30MaxGidNumber: 10000;
> 1> msSFU30MaxUidNumber: 10000;
>
> I add this using ADSI and manage to create a Posix Users but from cli
> or ldap utility I also get access volition.
>
> Andrew, Are the patches brendan do the trick?
The patches from Brendan are part of the development of a fix - they
don't work yet (they break provision), but we have not yet determined
what the exact issue is.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091210/841509da/attachment.pgp>
More information about the samba-technical
mailing list