[Samba] Samba 4 , ful list of LDAP-style attributes

Rowland Penny rowlandpenny at googlemail.com
Wed Apr 8 04:15:13 MDT 2015 

On 08/04/15 10:57, Mario Pio Russo wrote:
> sorry guys , I think I didn't explain well.
>
> basically I have a samba 4 domain (created by upgrading+migrating a samba 3
> PDC). For every new user that we add to this domain I need to save some
> additional info which are very specific for our company/department, but the
> problem is that I cannot create custom attributes into the Samba4 ldap
> back-end. For this reason I was thinking to use some "less used" attributes
> of AD. Unfortunately the attribute "Description" is already being used, so
> I was wondering if there are other attributes I can use to store short
> alphanumeric string (e.g. the internal Employee number etc).
>
> Thanks !!
> ___________________________________________________________________________________________
>
> Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1
> 815 2236, eMail: mariopiorusso at ie.ibm.com
> IBM Ireland Product Distribution Limited registered in Ireland with number
> 92815. Registered Office: IBM House, Shelbourne Road, Ballsbridge, Dublin 4
>
> (Embedded image moved to file: pic61814.gif)
>
>
>
> From:	Rowland Penny <rowlandpenny at googlemail.com>
> To:	samba at lists.samba.org
> Date:	07/04/2015 16:53
> Subject:	Re: [Samba] Samba 4 , ful list of LDAP-style attributes
> Sent by:	samba-bounces at lists.samba.org
>
>
>
> On 07/04/15 16:42, Mario Pio Russo wrote:
>> Good Day all
>>
>> I am going to create few scripts that uses the ldapmodify in order to
>> populate and samba4 Domain, I was wondering , what is the full list of
>> attributes that a samba 4 domain supports?
>>
>> thanks
>>
> ___________________________________________________________________________________________
>
>> Mario Pio Russo, System Admin SWG IT Services Dublin, Phone & FAX: +353 1
>> 815 2236, eMail: mariopiorusso at ie.ibm.com
>> IBM Ireland Product Distribution Limited registered in Ireland with
> number
>> 92815. Registered Office: IBM House, Shelbourne Road, Ballsbridge, Dublin
> 4
>> (Embedded image moved to file: pic56631.gif)
>>
>>
> What do you mean 'populate' ? , this sounds like what 'samba-tool domain
> provision' already does.
>
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>

OK, do you have an ldap.schema of your proposed additions, if so, you 
may be able to create an AD ldif from this with 'oLschema2ldif', this is 
usually in /usr/bin if using a debian package, you can then update AD 
with the resultant .ldif (after you split it into the objectclasses & 
attributes)

If this isn't possible, the schema files are usually installed by 
whatever packages you installed i.e. on Debian, they would be in 
'/usr/share/samba/setup/ad-schema'

It is worth looking in 'MS-AD_Schema_2K8_R2_Attributes.txt' , you might 
find that everything you need is available with AD already.

Rowland

More information about the samba mailing list