[Samba] perl code for manipulating Samba LDAP attributes?

Jeff Saxton jsaxton at addamark.com
Wed Aug 18 17:02:35 GMT 2004 

Yeah I haven't found where to read up on the IDMAP stuff, I don't want
to use winbind either.
I'm in the same position of trying to initially populate the DIT,
someone else pointed me at 
Crypt::SmbHash which looks simple enough to use for the passwords

I noticed that once I got smbpasswd working it installed a
sambaDomainName object, is that the base of the
The sambaPrimarygroupSID sambaSID stuff? I really don't know how that
stuff works yet being formerly a 
Strictly unix guy.

One other thing: I guess ( if it's possible ) I'd like to learn enough
to setup Samba3 as a PDC with an LDAP 
Backend, is the Sambe by Example book a good place to start?  The
O'Rielly Using Samba book didn't really have S**T to say about LDAP.

Thanks for your help

Jeff Saxton
Sr. Support Engineer
Addamark Technologies, Inc.
http://www.addamark.com
mailto:support at addamark.com
CELL: +1 415-640-6392


-----Original Message-----
From: William Jojo [mailto:jojowil at hvcc.edu] 
Sent: Wednesday, August 18, 2004 9:37 AM
To: Jeff Saxton
Subject: Re: [Samba] perl code for manipulating Samba LDAP attributes?




On Wed, 18 Aug 2004, Jeff Saxton wrote:

> Since I manage the rest (unix side) of my ldap directory using 
> Net::LDAP I was wondering if there are any perl modules/code out there

> to manipulate/calculate.... the Samba password attributes and the SID 
> stuff?
>

I'm using some ksh scripts, but the calculations I used were the
algorithmic ones. uid*2+1000 and gid*2+1001. these are the old classic
methods used when using smbpasswd as the pw db.

anyway, I just calculate the rid and append it to the end of the server
sid and create the posix/samba account and then the IDMAP entries. I'm
not using winbind for anything here, so i can get away with populating
the whole thing as i create users.

I guess I truly reinvented the wheel, but I needed clear recovery and I
didn't see it if I used the winbindd tdb files. This way all I need is
the users unix uid/gid pair and I can recalculate the rid's so the
permissions inside the ntuser.dat files would be recreated correctly.

do a google search on "mkntpwd" to get the source code for nt/lm hash
creations. I got mine from the Samba-3 by example cd, but it's out
there.

If there's anything else you need, let me know....


Bill


> If no one comes forth I guess I will look at the code for smbpasswd 
> and do it myself, but I would hate to re-invent the wheel.
>
> Jeff Saxton
> Sr. Support Engineer
> Addamark Technologies, Inc.
> http://www.addamark.com <http://www.addamark.com/> 
> mailto:support at addamark.com
> CELL: +1 415-640-6392
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

More information about the samba mailing list