[Samba] Winbind question

Bruno MACADRÉ bruno.macadre at univ-rouen.fr
Mon Aug 11 11:04:44 MDT 2014 

Thanks for all answers,

I've added unix attributes to user foo by usnig ldbmodify and it appears 
on getent passwd (with idmap backend = ad), I've done same with my 
"domain users" group (added only gidNumber attribute) but it don't 
appear with getent group, but with 'getent group "domain users"' the 
group appears fine.... may be a bug between getent, nss and winbind....

At last.... it works (except 'getent group'... but chown, chgrp, ... 
works) !

Thanks all
Regards,
Bruno

Le 11/08/2014 18:20, Rowland Penny a écrit :
> Hi, glad to see that you have got it working and the answer to your
> question is YES.
>
> If you use ADUC to create users and then update them via the
> UNIX-Attributes, the first time you do this a couple of missing attributes
> get added:
> msSFU30MaxUidNumber and msSFU30MaxGidNumber
>
> Guess what they do ?
>
> Yes, that's right, they store the next uidNumber & gidNumber, so by using
> an ldif you can easily write a script around ldbmodify to add the required
> SFU attributes (you could easily done this even if you have 500 users)
>
> Rowland
>
>
>
> On 11 August 2014 16:49, Ryan Ashley <ryana at reachtechfp.com> wrote:
>
>> So you're saying that even though the ad backend is working, you'd still
>> have to do this manually? Mine all have ID's I entered manually, but I do
>> not have that many users. Is there possibly a way to add a script that runs
>> on user creation that will find the first free ID in a range and set it for
>> that user's uidNumber and gidNumber?
>>
>> On 08/11/2014 11:47 AM, steve wrote:
>>
>>> On Mon, 2014-08-11 at 17:26 +0200, Bruno MACADRÉ wrote:
>>>
>>>   I can't specify all POSIX attributes with
>>>> ADUC over about 5000 users by hand....
>>>>
>>>
>>>   I will fallback to rid idmap backend... it works fine
>>> Hi
>>> If you don't mind ids that differ between machines, then rid is the way
>>> to go. Otherwise, script from your working rid output using getent
>>> passwd, cut the (nice friendly colon delimited) id and then ldbmodify it
>>> into AD as uidNumber. Any new users, just remember to add the values
>>> when you create them.
>>>
>>>
>>>
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

-- 

Bruno MACADRE
-------------------------------------------------------------------
  Ingénieur Systèmes et Réseau     | Systems and Network Engineer
  Département Informatique         | Department of computer science
  Responsable Info SER             | SER IT Manager
  Université de Rouen              | University of Rouen
-------------------------------------------------------------------
Coordonnées / Contact :
	Université de Rouen
	Faculté des Sciences et Techniques - Madrillet
	Avenue de l'Université
	CS 70012
	76801 St Etienne du Rouvray CEDEX
	FRANCE

	Tél : +33 (0)2-32-95-51-86
	Mob : +33 (0)6-74-71-45-64
-------------------------------------------------------------------

More information about the samba mailing list