moving users and groups to an ou ?

denis bonnenfant denis.bonnenfant at diderot.org
Thu Jun 7 06:35:25 MDT 2012


Le 07/06/2012 13:07, Lukasz Zalewski a écrit :
> On 07/06/12 11:25, Andrew Bartlett wrote:
>> On Thu, 2012-06-07 at 10:49 +0200, denis.bonnenfant wrote:
>>> Hello,
>>> I'm working on adding support in samba-tool for moving users and groups
>>> to OUs, just like the windows mmc utility does. This is required for
>>> command-line GPO support.
>>> ....
>>> I tried with an ldif message, but i get the same errors. My conclusion
>>> is that I have to bypass the samdb module constraints,  is there a way
>>> to do that in python ? And in this case, does the groups memberships
>>> will be updated ?
>>
>> Why are you not just renaming the users?  You cannot just delete and add
>> users like that.
>>
I guessed that it can't be done.
>> Andrew Bartlett
>>
>
> Hi all,
> Denis, I presume all you want to do is a dn change.
> You could use moddn operation to move it to a different OU 
> (http://tools.ietf.org/html/rfc4511#section-4.9). Example ldif:
>
> dn: CN=bar,OU=Domain Users,DC=mydomain,DC=com
> changetype: moddn
> newRDN: CN=bar
> deleteoldrdn: 1
> newsuperior: OU=Domain Users Test,DC=mydomain,DC=com
>

Ok, you're right ! I figured that modrdn can only rename the object in 
the same branch, not moving it into the tree.

> I have only tested it using ldapmodify tool against S4 but i'm 
> assuming it will also work with an appropriate samdb call.
>
I'll try it soon.

> Regards
Thanks !


Denis Bonnenfant


More information about the samba-technical mailing list