[Samba] samba member logon.. question.
Andrey Repin
anrdaemon at yandex.ru
Thu Apr 9 12:44:34 MDT 2015
Greetings, Rowland Penny!
>>>> That will only work on a domain controller.
>>> Well yes it will only work on a DC because that is where the AD records
>>> are stored, but it can be run from another Linux machine.
>>>> I don't want to touch it at all,
>>>> if I don't need to blow it apart.
>>> Well, seeing as it is only doing what ADUC does, I do not see it blowing
>>> up your AD DC.
>>>> Not to mention, it will not add "objectClass: posixAccount" to the user,
>>> How many times do I have to say this:
>>> DO NOT ADD POSIX OBJECTCLASSES TO AD, THEY ARE NOT REQUIRED. ADUC WILL
>>> NEVER ADD THEM.
>> They are not required for AD, but they are required for other tools, that work
>> off AD LDAP.
>> Don't scream like that, you may startle someone.
> If your tools rely on the posix objectclasses being there, then they are
> broken. The posix objectclasses are auxiliaries of other AD
> objectclasses and as such, no windows tools will add them.
Elaborate, please.
A link would suffice.
>>>> causing all sort of grief in a long run.
>>> WHY ??
>> Because my auth tools, for instance, expect posixAccount class and check for
>> it before processing further with authentication.
>>
> Your auth tools are broken or set up incorrectly.
You're just making things up out of ignorance.
They're set up correctly and work well for seven years already.
--
With best regards,
Andrey Repin
Thursday, April 9, 2015 21:42:52
Sorry for my terrible english...
More information about the samba
mailing list