# [Samba] 3rd-party tool for creating users as alternative to ADUC

?icro MEGAS micromegas at mail333.com
Mon Oct 27 16:05:00 MDT 2014

Hello list,

I am using the Microsoft ADUC (Active Directory Users & Computers) tool from the RSAT suite for creating and modifying my domain users. I am aware of the "copy" functionality which really is very nice to use. Unfortunately I am missing two important actions during the user-creation process which I try to describe:

1.) When I use the template feauture (by using the "Copy..." user) command, the settings of the tab [Unix Attribute] cannot be copied to the new user created. So after I copied/created the new user, I have manually to open him, choose the [UNIX attribute] tab, then click on the "NIS-domain" field to choose/active MYDOM from the pull-down list. By doing so I am able to assign a uid to that user and thus allow my member server winbind process to enumerate that particular user so he is able to access shares on my member server.

It would be really awesome if this step could be done magically without extra intervention.

2.) Let's say I am creating the user "John Doe". During the creation process, in the [Profile] tab I can choose to connect the home share of that particular user, for example: "Connect Z:\ to \\membersrv1\home\%username%" after I click the [OK] or [Apply] button, the ADUC tool automatically is creating on-the-fly the directory "\\membersrv1\home\johndoe" which works fine. That is a neat feauture but in my opinion it has one big disadvantage ==> the directory .\johndoe on the given share is created with the owner name of the user that is logged-in and using the ADUC tool. In that example, the owner of the directory "\\membersrv1\home\it-admin1" is "it-admin1". If I would have used "smbmap" feauture and thus would have mapped it-admin1 to the root account, the owner of that new automatically created directory would be "root". In conclusion, that is very normal and I did expect that behaviour. ADUC provides this feauture, but I would like to have the "owner = johndoe" in that case. ADUC cannot perform that, I understand it, so I would have to do a "chown johndoe /srv/samba/home/johndoe" to get the desired result.

Is there any 3rd-party AD-user-tool available which could solve the mentioned points?

Mirco.