[Samba] Samba-tool OU create

Mon Apr 28 00:08:37 MDT 2014

Just wondered if anybody else thought OU's need a place in samba-tool?

With ldif's 

Some explain what the contents should a nTSecurityDescriptor should be here is my example for Users  
D:AI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPWPLOCRRCWDWO;;;DA)(OA;;CCDC;bf967aba-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967a9c-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(A;;LCRPLORC;;;AU)(OA;;CCDC;4828cc14-1437-45bc-9b07-ad6f015e5f28;;AO)(OA;CIIOID;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIIOID;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIOID;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIIOID;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIOID;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIIOID;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIOID;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIIOID;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba
 -0de6-11
 d0-a285-00aa003049e2;RU)(OA;CIIOID;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIIOID;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIOID;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIOID;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIOID;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIOID;LCRPLORC;;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIIOID;LCRPLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIOID;LCRPLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIID;RPWPCR;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)(A;CIID;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;EA)(A;CIID;LC;;;RU)(A;CIID;CCLCSWRPWPLOCRSDRCWDWO;;;BA)

Creating an ldif for me isn't a trivial task

samba-tool ou add,delete,list would be much easier :)

Stuart

-----Original message-----
> From:Rowland Penny <rowlandpenny at googlemail.com>
> Sent: Wednesday 23rd April 2014 18:38
> To: sambalist <samba at lists.samba.org>
> Subject: Re: [Samba] Samba-tool OU create
> 
> On 23/04/14 17:57, Stuart Naylor wrote:
> > Brilliant, Rowland,
> >
> > OU's as the name, I do use to organise various profiles. To be honest OU's are rather handy as a higher level abstract of security groups.
> >
> > My aim is heterogeneous networks and apart from M$ registry hacks such as group policies I am still thinking the OU is a working demographic for want of a better word.
> >
> > Last night my neighbours threw water and me and shouted at me to stop barking! So it will be of no shock that I intend to try and use RFC2307 with AD and mixed desktop
> > environments.
> 
> Stuart, I know that you are probably a bit excited that your football 
> team is going up (again) but I cannot recommend barking at anybody ;-)
> 
> >
> > My rough botch is to have linux /home scripts run at logon that are distributed by OU currently they will be very much out numbered by M$.
> > They can run automatic as sudo or root as part of the startup applications and the registry is very much an M$ idea, the OU however is pretty useful which ever.
> 
> The OU definitely has a place in AD and yes, samba-tool should be able 
> to create them directly rather than just as part of creating a new user 
> or group, but that is beyond me, so anybody else up for it ??
> 
> Rowland
> 
> > Stuart
> >
> >   
> >   
> > -----Original message-----
> >> From:Rowland Penny <rowlandpenny at googlemail.com>
> >> Sent: Tuesday 22nd April 2014 21:15
> >> To: samba at lists.samba.org
> >> Subject: Re: [Samba] Samba-tool OU create
> >>
> >> On 22/04/14 21:08, Stuart Naylor wrote:
> >>> I don't really think that is an argument. The whole reason we had a European monopoly commission was to provide alternative to Microsoft.
> >>>
> >>> Thats why I am wondering when samba-tool has all the other methods I am confused as to why OU's got left out of the process.
> >>>
> >>> I plan on using Samba as a migration path to Linux desktops where I have an eye on the future where the device will be more prevalent.
> >>>
> >>> So at the moment yeah I could use RSAT but that might not always be convenient.
> >>>
> >>> Stuart
> >>>
> >>>
> >>> -----Original message-----
> >>> From: Chan Min Wai<dcmwai at gmail.com>
> >>> Sent: Tuesday 22nd April 2014 20:58
> >>> To: Stuart Naylor <stuartiannaylor at thursbygarden.org>
> >>> Cc: samba at lists.samba.org
> >>> Subject: Re: [Samba] Samba-tool OU create
> >>>
> >>> Dear Stuart,
> >>>
> >>> I dont see the reason why not to use RSAT...
> >>>
> >>> Since it is already there and samba support it...
> >>>
> >>> Why do we need to do something redundant?
> >>>
> >>> On Wed, Apr 23, 2014 at 3:50 AM, Stuart Naylor <stuartiannaylor at thursbygarden.org <mailto:stuartiannaylor at thursbygarden.org>> wrote:
> >>>
> >>> Hi,
> >>>
> >>> Sort of half asked this before and didnt really get a reply.
> >>>
> >>> The ability to create, delete and list OUs would seem to be a fundamental but for some reason is missing.
> >>>
> >>> Could anyone supply any details if its planned or are there alternative methods to create without the use of RSAT?
> >>>
> >>> Stuart
> >>>
> >>> --
> >>>
> >>> To unsubscribe from this list go to the following URL and read the
> >>>
> >>> instructions:  https://lists.samba.org/mailman/options/samba <https://lists.samba.org/mailman/options/samba>
> >>>
> >> Hi Stuart, The thing is, you do not create OU's very often and it is
> >> usually when creating new users or groups and in this case, samba-tool
> >> will create the OU whilst creating the new user or group (if the OU does
> >> not already exist), if you need to create a OU for something else, then
> >> create an LDIF, just like LDAP and then add it with ldbmodify.
> >>
> >> Rowland
> >>
> >>
> 
> 
> 