[Samba] The problem with setting up AD domain to Samba 4

Vladimir A Fomkin vaf at vaf.net.ru
Thu Jun 27 05:58:10 MDT 2013

samba-tool don't work with --uid-number option!

root at bdc:/usr/local/samba/var/profiles# ../../bin/samba-tool user add repl4
Usage: samba-tool user add <username> [<password>] [options]

samba-tool user add: error: no such option: --uid-number

and internal help for this command does not have this option:

root at bdc:/usr/local/samba/var/profiles# ../../bin/samba-tool user add --help
Usage: samba-tool user add <username> [<password>] [options]

Create a new user.

This command creates a new user account in the Active Directory domain.  The
username specified on the command is the sAMaccountName.

User accounts may represent physical entities, such as people or may be used
as service accounts for applications.  User accounts are also referred to as
security principals and are assigned a security identifier (SID).

A user account enables a user to logon to a computer and domain with an
identity that can be authenticated.  To maximize security, each user should
have their own unique user account and password.  A user's access to domain
resources is based on permissions assigned to the user account.

The command may be run from the root userid or another authorized userid.
-H or --URL= option can be used to execute the command against a remote

samba-tool user add User1 passw0rd --given-name=John --surname=Smith --must-
change-at-next-login -H ldap://samba.samdom.example.com

Example1 shows how to create a new user in the domain against a remote LDAP
server.  The -H parameter is used to specify the remote target server.  The
option is used to pass the userid and password authorized to issue the

sudo samba-tool user add User2 passw2rd --given-name=Jane --surname=Doe

Example2 shows how to create a new user in the domain against the local
server.   sudo is used so a user may run the command as root.  In this
example, after User2 is created, he/she will be forced to change their
password when they logon.

samba-tool user add User3 passw3rd --userou=OrgUnit

Example3 shows how to create a new user in the OrgUnit organizational unit.

  -h, --help            show this help message and exit
  -H URL, --URL=URL     LDB URL for database or target server
                        Force password to be changed on next login
  --random-password     Generate random password
  --use-username-as-cn  Force use of username as user's CN
  --userou=USEROU       Alternative location (without domainDN counterpart)
                        default CN=Users in which new user object will be
  --surname=SURNAME     User's surname
                        User's given name
  --initials=INITIALS   User's initials
                        User's profile path
                        User's logon script path
                        User's home drive letter
                        User's home directory path
                        User's job title
                        User's department
  --company=COMPANY     User's company
                        User's description
                        User's email address
                        User's home page
                        User's phone number
                        User's office location

  Samba Common Options:
    -s FILE, --configfile=FILE
                        Configuration file
    -d DEBUGLEVEL, --debuglevel=DEBUGLEVEL
                        debug level
    --option=OPTION     set smb.conf option from command line
    --realm=REALM       set the realm name

  Credentials Options:
                        DN to use for a simple bind
    -U USERNAME, --username=USERNAME
    -W WORKGROUP, --workgroup=WORKGROUP
    -N, --no-pass       Don't ask for a password
    -k KERBEROS, --kerberos=KERBEROS
                        Use Kerberos
                        IP address of server

  Version Options:
    -V, --version       Display version number

2013/6/26 steve <steve at steve-ss.com>

> On Wed, 2013-06-26 at 15:06 +0400, Vladimir A Fomkin wrote:
> > Hi again!
> > I configured my AD samba PDC and BDC for applying uid from uidNumber
> > line in AD LDAP.
> > But I have a problem - "uidNumber" is not a creating automaticaly. I
> > must create this for each user by hands. How to solve this problem?
> > Thx!
> >
> samba-tool user add vladimir --uid-number=1234567
> Now for your next question:
> How do I choose the uid-number;)
> hth
> Steve

С уважением,
Фомкин Владимир Андреевич

More information about the samba mailing list