[Samba] samba-tool group add omits RFC2307 attributes (4.0.9 as AD DC)
Trent W. Buck
trentbuck at gmail.com
Mon Oct 28 18:01:07 MDT 2013
steve <steve at steve-ss.com> writes:
>> Can I tell samba-tool to manage RFC2307 attributes as well as AD
>> attributes?
>
> Not with 4.0.9. You need 4.1 to be able to do that with samba-tool.
OK, thanks. I'll make that plan B for now, because I'm currently
building from alioth.debian.org:/git/pkg-samba/samba.git and that
doesn't have 4.1 yet. (I pulled apart the sernet debs and wasn't
enthusiastic, though I can't remember what specificially I didn't like.)
> classicupgrade accounts that had gidNumber will retain it. New groups do
> not have the gidNumber added. You can easily add it yourself using
> ldbmodify immediately after the group is created. For the Samba4 schema,
> you do not need to add the posixGroup class.
Thanks, I'll look into ldbmodify.
> There is a copy of the schema at:
> YOURSAMBADIR/share/setup/ad-schema
Thanks, I'll look at that, too.
> If you want everything to just work, I'd suggest sssd v1.10 or newer
> which has a very good AD backend for stuff like you want.
And that. I knew about sssd, but started with nslcd because I'd used it
before and had a handle on it. I'm on Debian 7 which ships sssd 1.8.4.
I can look into backporting 1.10 or 1.11 from jessie/sid - is >1.10
critical, or merely nice-to-have?
More information about the samba
mailing list