[Samba] samba member logon.. question.
Rowland Penny
rowlandpenny at googlemail.com
Thu Apr 9 08:36:47 MDT 2015
On 09/04/15 15:32, Luca Olivetti wrote:
> El 09/04/15 a les 16:20, Rowland Penny ha escrit:
>> On 09/04/15 14:58, Luca Olivetti wrote:
>>> El 09/04/15 a les 14:57, Andrey Repin ha escrit:
>>>>> Using the RFC2307 attributes, you will get the same ID number on every
>>>>> Unix machine, whereas if you use the 'rid' backend, whilst you should
>>>>> get the same ID on each Unix machine, you will never get the same ID on
>>>>> an AD DC, in fact without intervention, you will get a different ID on
>>>>> different DCs
>>>> Ok, good.
>>>> Now, how can I get RFC2307 attributes populated automatically upon
>>>> users or
>>>> groups creation?
>>> You can't :-(
>>> I'm experimenting with
>>> https://github.com/laotse/SambaPosix
>>> but it's quite buggy (at least regarding the features I'm trying,
>>> namely, trying to assign uids the same way as ADUC).
>>>
>>>
>>> Bye
>> OH yes you can, well I can :-)
> Can you share how?
>
> Bye
You are using python, which to me is a very big snake, so I bash it :-D
I just use these two functions in a bash script:
# Finds the next useable user uidNumber or group gidNumber
# Input : $1
# $1 : msSFU30MaxUidNumber or msSFU30MaxGidNumber
# Output : the first free uidNumber or gidNumber
_findnext () {
ATTR="$1"
if [ -z "${ATTR}" ]; then
error "No Attribute supplied"
error "Cannot continue... Exiting."
exit 1
fi
_NEXTID=$(ldbsearch -H ${LDBDB} -b
"CN=${domainNETBios},CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,${domainDN}"
-s sub '(objectClass=msSFU30DomainInfo)' ${ATTR} | grep "${ATTR}: " |
awk '{print $NF}')
if [ -z "$_NEXTID" ] || [ "$_NEXTID" -lt "10000" ]; then
_NEXTID="10000"
fi
}
# UPDATE msSFU30MaxUidNumber/msSFU30MaxGidNumber
# Input : $1 $2
# $1: what to update (msSFU30MaxUidNumber or msSFU30MaxGidNumber)
# $2: Next Number
#
# Output : Nothing
_updatemax () {
ATTR="$1"
IDNUM="$2"
if [ -z "${ATTR}" ] || [ -z "${IDNUM}" ]; then
error "Incomplete data supplied."
error "Cannot continue... Exiting."
exit 1
fi
echo "Updating ${ATTR}"
IDLDIF="dn:
CN=${domainNETBios},CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,${domainDN}
changetype: modify
replace: ${ATTR}
${ATTR}: ${IDNUM}"
echo "${IDLDIF}" | ldbmodify -H ${LDBDB}
if [ $? != 0 ]; then
error "Error updating ${ATTR} in AD."
echo "${LDIF}" > /tmp/update.ldif
exit 1 # exits here if error
fi
unset IDLDIF
echo "Successfully updated ${ATTR} in AD"
}
Rowland
More information about the samba
mailing list