s4: new classicupgrade and uids
Sergey Urushkin
urushkin at telros.ru
Thu Jun 21 06:43:27 MDT 2012
Hi!
I've just made a test upgrade from s3 with the new uid/gid migration
feature and I have some questions:
1. Computer accounts have objectclass:posixAccount and uidNumber
attributes. What is it for? As far as I know unix computer accounts are
needed only for s3 dc, am I right? If so, than computer accounts should
be excluded somehow.
2. 'Administrator' hasn't got an uidNumber (while it had it in
openldap), so it makes me map it manually. Is it a bug or feature?
3. To have an ability to manage user's uid, gid, etc. through dsa.msc we
need to add NIS domain to AD. And then add some attributes to
accounts/groups. Why not to add NIS domain (it's a simple ldif) to
config while provisioning (named as workgroup by default and also have
an provision/classicupgrade option to change the name) and then
additionally modify users like this:
changetype: modify
replace: msSFU30NisDomain
msSFU30NisDomain: $NISDOMAIN
-
replace: msSFU30Name
msSFU30Name: $USER
and groups like this:
changetype: modify
replace: msSFU30NisDomain
msSFU30NisDomain: $NISDOMAIN
-
replace: msSFU30Name
msSFU30Name: $GROUP
Thanks.
--
Best regards,
Sergey Urushkin
More information about the samba-technical
mailing list