[Samba] Creating users via Perl Net::LDAP (solved)
Pablo T. Virgo
pvirgo at solutionsforprogress.com
Thu Feb 14 14:12:34 MST 2013
To answer my previous questions, in case anyone else ever comes running to google.
1. Samba 4 is an active directory work alike, so searches like "add active directory user Perl" may turn up results that "add samba4 user perl" will not. I should have realized that sooner.
2. Minimally, the following attributes need to be set (pseudo-code):
objectClass = ("top", "person", "organizationalPerson", "user")
cn = $username
distinguishedName = "cn=" . $username . ",cn=Users," . $domain_name;
unicodePwd = $encoded_password # This attribute is not visible via browsing
sAMAccountName = $username,
userPrincipalName = $username . '@' . $domain_name,
userAccountControl = '512' # This makes the difference between a locked and available # account
3. The following may get you part-way to roaming profiles, though I seem to be missing something still, maybe on permissions. Note that '\\' will be '\\\\' by the time you escape it in Perl.
profilePath = '\\' . $server_url . '\profiles\' . $username . '\'
4. Actually encoding a Windows available password:
use Unicode::String qw(utf8 utf16le);
# pass_encode($string)
# Take a string, encode it to a form appropriate for Windows machines to
# read as a password. This can actually be done in a single line of
# code, but for clarity's sake I have broken it down.
sub pass_encode
{
my $password = $_[0];
# Create a string object, which includes the function to convert to
# desired "utd16le" form.
my $pass_utf8 = utf8('"' . $password . '"');
# Get the utf16le format, which is apparently Windows specific.
my $pass_win = $pass_utf8->utf16le();
return $pass_win;
}
Anyway, I hope that helps the next guy out. Good luck out there!
--
Pablo Virgo
System Administrator
Solutions for Progress, Inc.
728 South Broad Street
Philadelphia, PA 19146
Phone: 215-701-8075
Fax: 215-972-8109
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20130214/0839dff0/attachment.pgp>
More information about the samba
mailing list