Unable to add posixAccount objectclass to AD user
Sassy Natan
sassyn at gmail.com
Wed Dec 9 14:54:33 MST 2009
Can I help?
On Wed, Dec 9, 2009 at 11:51 PM, Andrew Bartlett <abartlet at samba.org> wrote:
> On Wed, 2009-12-09 at 22:53 +0200, Sassy Natan wrote:
>> Did u manage to fix it?
>> It seems when I first check the posix account it was working (on
>> alpha10 and 9). But I was mistaken.
>> I can't add a posix account and I can tell why? Any Solution?
>>
>> The only work around I could do was to create the following attribute
>> and work via ADUC with the unix extension on it
>>
>> Just create the following:
>> 1. 'CN=ypServ30,CN=RpcServices,CN=System,DC=domain,DC=local' as
>> objectClass: top; container;
>> 2. CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=local,DC=local;
>> as objectClass: top; container;
>> 3. CN=domain,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=boxit,DC=local'
>> as objectClass: top; msSFU30DomainInfo; and add to the object this:
>>
>> 1> msSFU30OrderNumber: 10000;
>> 1> msSFU30MasterServerName: DC;
>> 1> msSFU30MaxGidNumber: 10000;
>> 1> msSFU30MaxUidNumber: 10000;
>>
>> I add this using ADSI and manage to create a Posix Users but from cli
>> or ldap utility I also get access volition.
>>
>> Andrew, Are the patches brendan do the trick?
>
> The patches from Brendan are part of the development of a fix - they
> don't work yet (they break provision), but we have not yet determined
> what the exact issue is.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Cisco Inc.
>
>
More information about the samba-technical
mailing list