[Samba] Some Clarification?
steve at steve-ss.com
Sat Apr 13 10:28:56 MDT 2013
On 13/04/13 18:06, Stuart Sheldon wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> Thanks for the response Andrew,
> Using ad for my idmap sounds like what I'm looking for. I'm having
> problems finding how I add the map ids to the AD manually for new users.
> Could you direct me to some information regarding cli tools to do that?
> Thanks Again,
If you want to do it manually e.g. to add a domain user called steve2:
samba-tool user add steve2
(enter the passwords)
then edit the record:
ldbedit --url=/usr/local/samba/private/sam.ldb cn=steve2
You can use any editor:
ldbedit -e gedit --url=/usr/local/samba/private/sam.ldb cn=steve2
Here is a fully loaded domain user with the rfc2307 objects and
attributes added you need to forget about idmap altogether:) With this
lot, he's good for both Linux and windows clients.
# editing 1 records
# record 1
userPrincipalName: steve2 at hh3.siteHere is a fully loaded domain user
with thfor both Linux and windows clients. You can any editor:e rfc2307
objects and idmap attributes added. With this lot, he's good for both
Linux and windows clients.
Note: you'll soon get bored adding all the extra stuff but it's easy to
write a script to automate it.
You need to tell Samba to use AD in the [global] section of smb.conf:
idmap_ldb:use rfc2307 = Yes
As a matter of interest, how do you plan on pulling the id info from the
More information about the samba