moving users and groups to an ou ?
lukas at eecs.qmul.ac.uk
Thu Jun 7 05:07:59 MDT 2012
On 07/06/12 11:25, Andrew Bartlett wrote:
> On Thu, 2012-06-07 at 10:49 +0200, denis.bonnenfant wrote:
>> I'm working on adding support in samba-tool for moving users and groups
>> to OUs, just like the windows mmc utility does. This is required for
>> command-line GPO support.
>> Basically for moving user to ou=new_ou, I tried something like :
>> m = samdb.search(base=dc=example, expression="(samaccountname=user)")
>> m.dn = "cn=user,ou=new_ou,dc=example"
>> But I'm getting errors, as some constraints in samdb prevents some
>> attributes to be written directly (primarygroup...)
>> I tried with an ldif message, but i get the same errors. My conclusion
>> is that I have to bypass the samdb module constraints, is there a way
>> to do that in python ? And in this case, does the groups memberships
>> will be updated ?
> Why are you not just renaming the users? You cannot just delete and add
> users like that.
> Andrew Bartlett
Denis, I presume all you want to do is a dn change.
You could use moddn operation to move it to a different OU
(http://tools.ietf.org/html/rfc4511#section-4.9). Example ldif:
dn: CN=bar,OU=Domain Users,DC=mydomain,DC=com
newsuperior: OU=Domain Users Test,DC=mydomain,DC=com
I have only tested it using ldapmodify tool against S4 but i'm assuming
it will also work with an appropriate samdb call.
More information about the samba-technical