[Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?
rowlandpenny at googlemail.com
Sat Sep 28 02:11:36 MDT 2013
On 28/09/13 01:06, me at electronico.nc wrote:
> Without the rfc2307 domain provision, will I have to add manually
> uidNumber and guiNumber each time a new user is created from Windows
> Management Console ?
Even with RFC2307 domain provision, you will have to add the uidNumber &
gidNumber manually, as Steve says, you can do this with samba-tool, but
YOU have to supply these numbers, they are not incremented automatically.
You need to write a script around samba-tool and find somewhere to get
the numbers from, you could create the user then get the number that
samba4 allocates, then add this as the uidnumber with an ldif file. You
could also use the script that Steve wrote and is, I believe, available
on his blog.
I personally use the ' rIDNextRID' attribute from 'cn=RID
Just add 1 to this and you have the value of the next RID that will be
used when a user is created, you could then use this as the basis for
incidentally, you do not have to provision with '--use-rfc2307' to get
the RFC2307 attributes, you do not even need the rfc2307 line in
smb.conf on the server to use the rfc2307 attributes, as far as Unix is
concerned, it seems to work without them. It probably will lead to
problems elsewhere, but where I do not know and cannot advise not using
the recommended way of provisioning.
Just a thought, Because all the RFC2307 attributes are already in Samba4
AD, does this mean that we are actually running at domain level 2003 R2
? and if so, shouldn't the documentation etc show this.
More information about the samba