[Samba] smbldap-tools and phpldapadmin

Alberto Moreno portsbsd at gmail.com
Tue Jan 18 17:46:55 MST 2011


On Mon, Jan 17, 2011 at 4:38 AM, Dimitri Yioulos <dyioulos at firstbhph.com> wrote:
> On Saturday 15 January 2011 4:26:03 pm William
> Brown wrote:
>> > If I enter the command "smbldap-useradd -a -m
>> > -M juser -g "Domain Users" -G "Domain Admins"
>> > -G "Administrators" -c "Joe User" juser"
>> > (beginning and ending parens for clarity), I
>> > do indeed create the type of user I'm trying
>> > to create.  And, that user appears in the
>> > list of users in PhpLdapAdmin.
>> >
>> > However, if I create the same type of user
>> > using the PhpLdapAdmin "Samba3 Account"
>> > template, the user doesn't have the same
>> > attributes as the ones created via
>> > smbldap-useradd.
>>
>> Yes, there are schema extensions in samba's
>> ldap admin tool that extend the posix account.
>> You can convert an existing user iirc with that
>> command, since the posix password hash is
>> irrerversible. Also pay attention you MUST use
>> the smbpasswod tool to change passwords, else
>> the userPassword and smbPassword feilds will
>> de-sync.
>>
>> > I could probably create a bash script that
>> > invokes smbldap-useradd for my users to use
>> > to create accounts, but they're CLI-phobic,
>> > so I really want to get PhpLdapAdmin to do
>> > this.
>> >
>> > How can I accomplish this
>> > PhpLdapAdmin/smbldap-useradd "integration?
>> > I'm really not a programmer, so messing with
>> > the PhpLdapAdmin xml files is daunting to me
>> > if, in fact, this is how it's done.  I've
>> > looked through all of the config files
>> > associated with the PDC set-up, but simply
>> > don't see anything in them that would do the
>> > trick.
>>
>> sorry, but edit the templates. Look here
>>
>> http://phpldapadmin.sourceforge.net/wiki/index.
>>php/Templates
>>
>> Also, create a user in ldap, and one in smb,
>> then compare the differences. Some of the
>> fields are autogenerated as well iirc,
>>
>> You can likely cheat with the <value> tag, to
>> call php, that calls your smb script. Something
>> like <value>system("smbldap-useradd -a -m -M"
>> uid "") might do it (you will need to
>> substitute in values like i did with "uid" )
>>
>> > If anyone has accomplished this, I would
>> > greatly appreciate your help!
>> >
>> > Thanks.
>> >
>> > Dimitri
>> >
>> > --
>
>
> Thank you both for your responses.
>
> I was afraid I'd hear, "sorry, but edit the
> templates".  Now, I know the old saw about, "If
> you give a man a fish ... ", but if someone has
> already created such a template, and is willing
> to share it, I'd be extremely grateful.  It's not
> laziness, it's lack of skill in this area.
>
> Thanks.
>
> Dimitri
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


Hi guys.

What I can add to this thread is that, for your safe.

1) Don't use samba 3.0.x, doesn't support windows 7, if someone came
with a machine like, your are doom.
    Use samba 3x is ready to be use as PDC and support windows 7,
windows 2008, etc.
2) The only issue is that u have to setup smbldap-tools by hand
because doesn't have support for samba 3x, but is to easy, I can help
u.
3) I try phpldapadmin but I prefer Mandriva MDS, is the same,  ajax
interface to openldap, I prefer this one is very clean and stable. I
can help u setup this one to.

Migrate from samba 3.0.x to samba 3.x is not a issue, you just have to
upgrade samba, review your settings, maybe some are "on" on samba
3.0.x and "off" on samba3x is what I have seen in my deployments.

 My two cents!!!

-- 
LIving the dream...


More information about the samba mailing list