[Samba] Organization of Users in Samba4

Denis Cardon denis.cardon at tranquil-it-systems.fr
Fri Jan 25 01:13:30 MST 2013

Hi Andrew Martin,

Le 24/01/2013 23:54, Andrew Martin a écrit :
> Thanks for the clarification.
> Andrew
>>> I am working on migrating from OpenLDAP using the inetOrgPerson
>>> schema to Samba4. I would like to continue to provide backwards
>>> compatibility with our existing authentication service. In
>>> OpenLDAP, users are all contained inside the People organizational
>>> unit and referenced by uid, for example:
>>> dn: uid=myuser,ou=People,dc=example,dc=com
>>> When using samba-tool to add a user, it places the user inside of
>>> the Users cn, and references the user via its cn entry rather than
>>> via uid:
>>> dn: cn=myuser,cn=Users,dc=example,dc=com
>>> Is there any Samba4 or AD reason why I need to use
>>> cn=myuser,cn=Users,dc=example,dc=com for users, or can I import
>>> them to uid=username,ou=People,dc=example,dc=com and use this
>>> organizational structure instead?
>> You can import them in an OU called People but they will have the rdn
>> CN
>> not UID, why is it like that is because we have to be compatible with
>> the other AD implementation.

If you really need to present your ldap rdn as uid for legacy stuff, I 
guess you could set up a openldap with a rwm overlay 
(http://linux.die.net/man/5/slapo-rwm). However I think if would be 
easier in the end to stick to MSAD standards with cn rid.



>> Matthieu
>> --
>> Matthieu Patou
>> Samba Team
>> http://samba.org
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0)

More information about the samba mailing list