[Samba] Winbind question
Rowland Penny
rowlandpenny at googlemail.com
Mon Aug 11 10:20:42 MDT 2014
Hi, glad to see that you have got it working and the answer to your
question is YES.
If you use ADUC to create users and then update them via the
UNIX-Attributes, the first time you do this a couple of missing attributes
get added:
msSFU30MaxUidNumber and msSFU30MaxGidNumber
Guess what they do ?
Yes, that's right, they store the next uidNumber & gidNumber, so by using
an ldif you can easily write a script around ldbmodify to add the required
SFU attributes (you could easily done this even if you have 500 users)
Rowland
On 11 August 2014 16:49, Ryan Ashley <ryana at reachtechfp.com> wrote:
> So you're saying that even though the ad backend is working, you'd still
> have to do this manually? Mine all have ID's I entered manually, but I do
> not have that many users. Is there possibly a way to add a script that runs
> on user creation that will find the first free ID in a range and set it for
> that user's uidNumber and gidNumber?
>
> On 08/11/2014 11:47 AM, steve wrote:
>
>> On Mon, 2014-08-11 at 17:26 +0200, Bruno MACADRÉ wrote:
>>
>> I can't specify all POSIX attributes with
>>> ADUC over about 5000 users by hand....
>>>
>>
>>
>> I will fallback to rid idmap backend... it works fine
>>>
>> Hi
>> If you don't mind ids that differ between machines, then rid is the way
>> to go. Otherwise, script from your working rid output using getent
>> passwd, cut the (nice friendly colon delimited) id and then ldbmodify it
>> into AD as uidNumber. Any new users, just remember to add the values
>> when you create them.
>>
>>
>>
>>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list