[Samba] Samba LDAP Tools

Loren M. Lang lorenl at alzatex.com
Thu Oct 2 17:29:31 GMT 2008


I am looking for some good tools to manage Samba users in LDAP.  It
looks like there are several good tools mentioned on the Samba Wiki, but
I am concerned mostly with the proper addition of new users to LDAP, in
particular, generating unique SIDs.  smbldap-useradd, for example,
generates the SIDs for primary user and group based off of a simple
formula based on the UID and GID, whereas Samba itself using a very
simple mechanism of storing the next free RID in an LDAP attribute.
Since I still plan to use the Add Computer to Domain wizard in Windows
for adding computers, I am concerned that an overlap could occur between
these two approaches.  AFAIK, there are no SQL-like feature in LDAP like
transactions, unique indices, or sequences that would allow multiple
mechanisms to generate a unique SID.  I wouldn't mind a tool like
pdbedit which goes through Samba to update the backend db, but I want it
to be scriptable and not ask for a password so I can integrate password
updates with other systems such as LDAP (using userPassword) and
Kerberos.
-- 
Loren M. Lang
lorenl at alzatex.com
http://www.alzatex.com/


Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A  3FA4 DCEE BB39 7654 DE5B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3157 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20081002/215cf3ce/smime.bin


More information about the samba mailing list