Samba 3 to Samba 4 Migration. ( patch)

Lukasz Zalewski lukas at
Wed Nov 3 09:55:56 MDT 2010

Hi Metze,
Thx :)
On 11/03/2010 03:04 PM, Stefan (metze) Metzmacher wrote:
> Hi Lukasz,
> here's my current version of the script (based on your -08 version).
> - I added the --create_user_principal_name option (disabled by default)
>    not everybody wants to have that.
Shall we also add an option flag to the samba-tool newuser cmd as it 
automatically creates userPrinicpalName - (OTOH this is how Active 
Directory Users and Computers creates accounts.)
> - I fixed the 'member' handling for the primary group of a user.
> - I removed some lines like:
>      self.insert_organizationalUnit(self.groups.importdn)
>    where importdn is only the partial dn.
> - I removed IMPORT_TYPE_TRUSTS from IMPORT_TYPE_ALL for now
> metze

Given the recent name changing, maybe this is a good opportunity to 
change to something else (i think we already agreed the 
current name must go)

I have noticed that some of the attributes have to explicitly rejected 
by the user - this seems sensible, but some parameters do have their 
counterparts in samba4, for example shadowMin, shadowMax, shadowExpire, 
shadowFlag, shadowWarning, shadowInactive - shall they be white listed 
(such that they do not trigger keep != remove assertion) or do you want 
them to be explicitly rejected?

Also, python 2.4 does not handle getpass password prompt well when 
redirecting to stdout (2.6 is fine). Do you know of any 
workarounds/solutions for this?

attached is same script with small typo corrected (was 
--create_user_prinical_name instead of --create_user_principal_name)


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
URL: <>

More information about the samba-technical mailing list