[Samba] Create Organizational units (OU) from Unix.

Prunk Dump prunkdump at gmail.com
Tue Sep 23 05:11:19 MDT 2014


2014-09-23 9:39 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>:
> On 23/09/14 06:55, Prunk Dump wrote:
>>
>> 2014-09-22 19:22 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>:
>>>
>>> On 22/09/14 17:32, Prunk Dump wrote:
>>>>
>>>> Hello,
>>>>
>>>> Is there a way to create an OU (in the AD sence) from Unix with the
>>>> samba tools ?
>>>>
>>>> I have made a script that create all my users and groups (for a
>>>> school). But I still need to create the OUs manually from windows with
>>>> RSAT.
>>>>
>>>> Thanks.
>>>>
>>>> Baptiste.
>>>
>>> You need to script around an ldif similar to this:
>>>
>>> dn: OU_PATH,dc=example,dc=com
>>> changetype: add
>>> objectClass: top
>>> objectClass: organizationalunit
>>>
>>> You then add this with ldbmodify, but with one proviso, you can only
>>> create
>>> one OU at a time unless you do it with multiple stanzas
>>> i.e. using a DN of ou=secondou,ou=firstou,dc=home,dc=com would fail
>>> unless
>>> ou=firstou,dc=home,dc=com already existed, but an ldif such as:
>>>
>>> dn: firstou,dc=example,dc=com
>>> changetype: add
>>> objectClass: top
>>> objectClass: organizationalunit
>>>
>>> dn: ou=secondou,ou=firstou,dc=example,dc=com
>>> changetype: add
>>> objectClass: top
>>> objectClass: organizationalunit
>>>
>>>   would work as firstou would be created before secondou.
>>>
>>> Rowland
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>> Thank you very much ! I have just some other questions :
>>
>> The OU need to be created only in sam.ldb ? and do you know if an OU
>> created like this will be compatible with  RSAT ? There are no more
>> information stored in the LDB database when the OU is created from
>> RSAT ?
>
> Sorry, yes you need to create this in sam.ldb i.e.
>
> ldbmodify --url=/path/to/sam.ldb /path/to/ldif
>
> The only other attribute that RSAT (ADUC) adds is 'description', you can add
> this if you like.
>
> Rowland
>
>> Thank you again for your help. It will be possible for me now to
>> complete my scipts to manage my AD completely automatically !
>>
>> Thanks !
>>
>> Baptiste.
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba


Thank you very much !

This is exactly what I want !

Baptiste.


More information about the samba mailing list