[Samba] Samba 4: Modify group members with LDAP
Rowland Penny
rowlandpenny at googlemail.com
Tue Dec 23 01:01:10 MST 2014
On 23/12/14 05:41, Greg Zartman wrote:
> I'm wanting to change group members by writing to the Active Directory
> using perl Net::LDAP.
>
> I noticed that AD groups have the LDAP objects "member" to list the user
> who is a member of this group. The user object then has the LDAP object
> "memberOf" to record the groups the user is a member of.
>
> I'm wondering if their is a mechanism in Samba AD that sets on of these if
> the other is set? That is, if I set all user members for a given group,
> will active directory update the user "memberOf" attribute?
>
> Thanks,
>
Hi Greg, the mechanism is called 'linkid', see here:
http://msdn.microsoft.com/en-us/library/ms677270%28v=vs.85%29.aspx
Yes, you add the user to the group by adding a member attribute to the
groups object containing the users DN and AD will do the rest.
Rowland
More information about the samba
mailing list