[Samba] Re: Help with user/domain Management fm Windows side
Jim C.
jcllings at gmail.com
Mon Jun 6 17:40:03 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> if you don't want to bother researching what version of smbldap-tools
...
> anyone to say is there?
Actually this was a problem but not my fault.
Because of the infamous "rpm hell" and various changes in Samba and
smbldap-tools (i.e. the underlying perl libraries were a problem ) I was
unable to upgrade without upgrading my entire OS. I had to wait until I
had a suitably large block of time available for this project.
OK, so I've finally been able to do this and I've still got the same old
trouble. I have to say that I am not sure of the perms on the
smbldap-tools. They don't look like they did in previous releases. As
I recall some of them belonged to to the adm group. At the same time, I
can't think of a reason why this setup wouldn't work with "other" set to
r--x.
So, anyway the new stuff is:
[root at enigma samba]# rpm -qa | grep samba; rpm -qa | grep smbldap-tools-0
samba-winbind-3.0.14a-2mdk
samba-server-3.0.14a-2mdk
samba-client-3.0.14a-2mdk
samba-swat-3.0.14a-2mdk
samba-smbldap-tools-3.0.14a-2mdk
samba-vscan-clamav-3.0.14a-2mdk
samba-common-3.0.14a-2mdk
samba-doc-3.0.14a-2mdk
smbldap-tools-0.8.7-5mdk
[root at enigma samba]# testparm | grep smbldap
Load smb config files from /etc/samba/smb.conf
Processing section "[apps]"
.
.
.
Processing section "[public]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x
'%u' '%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null
- -c 'Machine Account' -s /bin/false '%u'
Perms for these scripts are:
[root at enigma samba]# ls -l /usr/sbin/smbldap-useradd
/usr/sbin/smbldap-userdel /usr/sbin/smbldap-groupadd
/usr/sbin/smbldap-groupshow /usr/sbin/smbldap-groupdel
/usr/sbin/smbldap-groupmod /usr/sbin/smbldap-groupmod
/usr/sbin/smbldap-usermod /usr/sbin/smbldap-useradd
- -rwxr-xr-x 1 root root 5379 Feb 17 01:21 /usr/sbin/smbldap-groupadd*
- -rwxr-xr-x 1 root root 2473 Feb 17 01:21 /usr/sbin/smbldap-groupdel*
- -rwxr-xr-x 1 root root 8550 Feb 17 01:21 /usr/sbin/smbldap-groupmod*
- -rwxr-xr-x 1 root root 8550 Feb 17 01:21 /usr/sbin/smbldap-groupmod*
- -rwxr-xr-x 1 root root 2009 Feb 17 01:21 /usr/sbin/smbldap-groupshow*
- -rwxr-xr-x 1 root root 17900 Feb 17 01:21 /usr/sbin/smbldap-useradd*
- -rwxr-xr-x 1 root root 17900 Feb 17 01:21 /usr/sbin/smbldap-useradd*
- -rwxr-xr-x 1 root root 3244 Feb 17 01:21 /usr/sbin/smbldap-userdel*
- -rwxr-xr-x 1 root root 18928 Feb 17 01:21 /usr/sbin/smbldap-usermod*
Other things I need verified:
Do I have the right client? I'm using Windows XP and the Active
Directory snap in for users and groups does not seem to be available.
My supposition is that it is a for-pay item. Consequently, I downloaded
the one from NT and that hasn't been working for me either. Anybody got
a clue for me here?
Jim C.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCpIpzB4AhF6wVFMERAqBuAJ98g94y4GNFRmYD9MzNY73N5uUM7gCeJ/nF
MtCd6MLvm4sFtraFiEJbd6E=
=BOq/
-----END PGP SIGNATURE-----
More information about the samba
mailing list