[Samba] The problem with setting up AD domain to Samba 4

Vladimir A Fomkin vaf at vaf.net.ru
Thu Jun 27 05:58:10 MDT 2013 

Hi!
samba-tool don't work with --uid-number option!

root at bdc:/usr/local/samba/var/profiles# ../../bin/samba-tool user add repl4
--uid-number=3100003
Usage: samba-tool user add <username> [<password>] [options]

samba-tool user add: error: no such option: --uid-number



and internal help for this command does not have this option:

root at bdc:/usr/local/samba/var/profiles# ../../bin/samba-tool user add --help
Usage: samba-tool user add <username> [<password>] [options]

Create a new user.

This command creates a new user account in the Active Directory domain.  The
username specified on the command is the sAMaccountName.

User accounts may represent physical entities, such as people or may be used
as service accounts for applications.  User accounts are also referred to as
security principals and are assigned a security identifier (SID).

A user account enables a user to logon to a computer and domain with an
identity that can be authenticated.  To maximize security, each user should
have their own unique user account and password.  A user's access to domain
resources is based on permissions assigned to the user account.

The command may be run from the root userid or another authorized userid.
The
-H or --URL= option can be used to execute the command against a remote
server.

Example1:
samba-tool user add User1 passw0rd --given-name=John --surname=Smith --must-
change-at-next-login -H ldap://samba.samdom.example.com
-Uadministrator%passw1rd

Example1 shows how to create a new user in the domain against a remote LDAP
server.  The -H parameter is used to specify the remote target server.  The
-U
option is used to pass the userid and password authorized to issue the
command
remotely.

Example2:
sudo samba-tool user add User2 passw2rd --given-name=Jane --surname=Doe
--must-change-at-next-login

Example2 shows how to create a new user in the domain against the local
server.   sudo is used so a user may run the command as root.  In this
example, after User2 is created, he/she will be forced to change their
password when they logon.

Example3:
samba-tool user add User3 passw3rd --userou=OrgUnit

Example3 shows how to create a new user in the OrgUnit organizational unit.



Options:
  -h, --help            show this help message and exit
  -H URL, --URL=URL     LDB URL for database or target server
  --must-change-at-next-login
                        Force password to be changed on next login
  --random-password     Generate random password
  --use-username-as-cn  Force use of username as user's CN
  --userou=USEROU       Alternative location (without domainDN counterpart)
to
                        default CN=Users in which new user object will be
                        created
  --surname=SURNAME     User's surname
  --given-name=GIVEN_NAME
                        User's given name
  --initials=INITIALS   User's initials
  --profile-path=PROFILE_PATH
                        User's profile path
  --script-path=SCRIPT_PATH
                        User's logon script path
  --home-drive=HOME_DRIVE
                        User's home drive letter
  --home-directory=HOME_DIRECTORY
                        User's home directory path
  --job-title=JOB_TITLE
                        User's job title
  --department=DEPARTMENT
                        User's department
  --company=COMPANY     User's company
  --description=DESCRIPTION
                        User's description
  --mail-address=MAIL_ADDRESS
                        User's email address
  --internet-address=INTERNET_ADDRESS
                        User's home page
  --telephone-number=TELEPHONE_NUMBER
                        User's phone number
  --physical-delivery-office=PHYSICAL_DELIVERY_OFFICE
                        User's office location

  Samba Common Options:
    -s FILE, --configfile=FILE
                        Configuration file
    -d DEBUGLEVEL, --debuglevel=DEBUGLEVEL
                        debug level
    --option=OPTION     set smb.conf option from command line
    --realm=REALM       set the realm name

  Credentials Options:
    --simple-bind-dn=DN
                        DN to use for a simple bind
    --password=PASSWORD
                        Password
    -U USERNAME, --username=USERNAME
                        Username
    -W WORKGROUP, --workgroup=WORKGROUP
                        Workgroup
    -N, --no-pass       Don't ask for a password
    -k KERBEROS, --kerberos=KERBEROS
                        Use Kerberos
    --ipaddress=IPADDRESS
                        IP address of server

  Version Options:
    -V, --version       Display version number



2013/6/26 steve <steve at steve-ss.com>

> On Wed, 2013-06-26 at 15:06 +0400, Vladimir A Fomkin wrote:
> > Hi again!
> > I configured my AD samba PDC and BDC for applying uid from uidNumber
> > line in AD LDAP.
> > But I have a problem - "uidNumber" is not a creating automaticaly. I
> > must create this for each user by hands. How to solve this problem?
> > Thx!
> >
>
> samba-tool user add vladimir --uid-number=1234567
>
> Now for your next question:
> How do I choose the uid-number;)
>
> hth
> Steve
>
>
>
>


-- 
С уважением,
Фомкин Владимир Андреевич
ICQ:220967838
Skype:vladimir.fomkin
http://vaf.net.ru

More information about the samba mailing list