[Samba] The problem with setting up AD domain to Samba 4
Vladimir A Fomkin
vaf at vaf.net.ru
Thu Jun 27 05:58:10 MDT 2013
Hi!
samba-tool don't work with --uid-number option!
root at bdc:/usr/local/samba/var/profiles# ../../bin/samba-tool user add repl4
--uid-number=3100003
Usage: samba-tool user add <username> [<password>] [options]
samba-tool user add: error: no such option: --uid-number
and internal help for this command does not have this option:
root at bdc:/usr/local/samba/var/profiles# ../../bin/samba-tool user add --help
Usage: samba-tool user add <username> [<password>] [options]
Create a new user.
This command creates a new user account in the Active Directory domain. The
username specified on the command is the sAMaccountName.
User accounts may represent physical entities, such as people or may be used
as service accounts for applications. User accounts are also referred to as
security principals and are assigned a security identifier (SID).
A user account enables a user to logon to a computer and domain with an
identity that can be authenticated. To maximize security, each user should
have their own unique user account and password. A user's access to domain
resources is based on permissions assigned to the user account.
The command may be run from the root userid or another authorized userid.
The
-H or --URL= option can be used to execute the command against a remote
server.
Example1:
samba-tool user add User1 passw0rd --given-name=John --surname=Smith --must-
change-at-next-login -H ldap://samba.samdom.example.com
-Uadministrator%passw1rd
Example1 shows how to create a new user in the domain against a remote LDAP
server. The -H parameter is used to specify the remote target server. The
-U
option is used to pass the userid and password authorized to issue the
command
remotely.
Example2:
sudo samba-tool user add User2 passw2rd --given-name=Jane --surname=Doe
--must-change-at-next-login
Example2 shows how to create a new user in the domain against the local
server. sudo is used so a user may run the command as root. In this
example, after User2 is created, he/she will be forced to change their
password when they logon.
Example3:
samba-tool user add User3 passw3rd --userou=OrgUnit
Example3 shows how to create a new user in the OrgUnit organizational unit.
Options:
-h, --help show this help message and exit
-H URL, --URL=URL LDB URL for database or target server
--must-change-at-next-login
Force password to be changed on next login
--random-password Generate random password
--use-username-as-cn Force use of username as user's CN
--userou=USEROU Alternative location (without domainDN counterpart)
to
default CN=Users in which new user object will be
created
--surname=SURNAME User's surname
--given-name=GIVEN_NAME
User's given name
--initials=INITIALS User's initials
--profile-path=PROFILE_PATH
User's profile path
--script-path=SCRIPT_PATH
User's logon script path
--home-drive=HOME_DRIVE
User's home drive letter
--home-directory=HOME_DIRECTORY
User's home directory path
--job-title=JOB_TITLE
User's job title
--department=DEPARTMENT
User's department
--company=COMPANY User's company
--description=DESCRIPTION
User's description
--mail-address=MAIL_ADDRESS
User's email address
--internet-address=INTERNET_ADDRESS
User's home page
--telephone-number=TELEPHONE_NUMBER
User's phone number
--physical-delivery-office=PHYSICAL_DELIVERY_OFFICE
User's office location
Samba Common Options:
-s FILE, --configfile=FILE
Configuration file
-d DEBUGLEVEL, --debuglevel=DEBUGLEVEL
debug level
--option=OPTION set smb.conf option from command line
--realm=REALM set the realm name
Credentials Options:
--simple-bind-dn=DN
DN to use for a simple bind
--password=PASSWORD
Password
-U USERNAME, --username=USERNAME
Username
-W WORKGROUP, --workgroup=WORKGROUP
Workgroup
-N, --no-pass Don't ask for a password
-k KERBEROS, --kerberos=KERBEROS
Use Kerberos
--ipaddress=IPADDRESS
IP address of server
Version Options:
-V, --version Display version number
2013/6/26 steve <steve at steve-ss.com>
> On Wed, 2013-06-26 at 15:06 +0400, Vladimir A Fomkin wrote:
> > Hi again!
> > I configured my AD samba PDC and BDC for applying uid from uidNumber
> > line in AD LDAP.
> > But I have a problem - "uidNumber" is not a creating automaticaly. I
> > must create this for each user by hands. How to solve this problem?
> > Thx!
> >
>
> samba-tool user add vladimir --uid-number=1234567
>
> Now for your next question:
> How do I choose the uid-number;)
>
> hth
> Steve
>
>
>
>
--
С уважением,
Фомкин Владимир Андреевич
ICQ:220967838
Skype:vladimir.fomkin
http://vaf.net.ru
More information about the samba
mailing list