[Samba] OpenSSH auth in SAMBA4 LDAP

Luca Olivetti luca at wetron.es
Mon Aug 26 16:56:52 MDT 2013

Al 27/08/13 00:24, En/na Marc Muehlfeld ha escrit:

> I have a windows workstation at work. There I use ADUC. Everything I
> need to administrate users/groups, etc. And if you delegate permissions
> (https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO/AD_Delegation#Delegating_.27Add.2Fchange.2Fdelete_accounts.2Fgroups.27-permissions),
> you don't have to work with an domain administrator account the whole day.
> ADUC has for me some advantages:
> - I can administrate all accounts in a nice clear GUI (I know that linux
> admins shouldn't say that :-))

No, actually that would be OK, since I have to delegate those tasks to
people that have no skills in Linux (and barely manage windows) but..

> - I don't have to track the last UID/GID I give, because it's stored in
> AD and ADUC automatically incements.
> - I can delegate permissions down to attribute level to other
> departments (like human resources for changing phone numbers, etc.)
> - and some more

..when I tried to add a user via ADUC I couldn't see it with nslcd.
Maybe I didn't really use ADUC? (dsa.msc)

>> Another nice thing is that I
>> could script the creation of home directory, mailbox, etc.
>> I though that samba 4 allowed me to do the same, but with windows
>> administrative client (ADUC?)
> Maybe this can be a solution for you:
> https://lists.samba.org/archive/samba/2013-July/174252.html

Mmh, I don't think so. Is that the only option? Isn't there a way to
hook a script in samba 4 when a user is created?


Luca Olivetti
Wetron Automation Technology http://www.wetron.es
Tel. +34 935883004  Fax +34 935883007

More information about the samba mailing list