[Samba] samba member logon.. question.

Andrey Repin anrdaemon at yandex.ru
Thu Apr 9 12:44:34 MDT 2015


Greetings, Rowland Penny!

>>>> That will only work on a domain controller.
>>> Well yes it will only work on a DC because that is where the AD records
>>> are stored, but it can be run from another Linux machine.
>>>> I don't want to touch it at all,
>>>> if I don't need to blow it apart.
>>> Well, seeing as it is only doing what ADUC does, I do not see it blowing
>>> up your AD DC.
>>>> Not to mention, it will not add "objectClass: posixAccount" to the user,
>>> How many times do I have to say this:
>>> DO NOT ADD POSIX OBJECTCLASSES TO AD, THEY ARE NOT REQUIRED. ADUC WILL
>>> NEVER ADD THEM.
>> They are not required for AD, but they are required for other tools, that work
>> off AD LDAP.
>> Don't scream like that, you may startle someone.

> If your tools rely on the posix objectclasses being there, then they are 
> broken. The posix objectclasses are auxiliaries of other AD 
> objectclasses and as such, no windows tools will add them.

Elaborate, please.
A link would suffice.

>>>> causing all sort of grief in a long run.
>>> WHY ??
>> Because my auth tools, for instance, expect posixAccount class and check for
>> it before processing further with authentication.
>>

> Your auth tools are broken or set up incorrectly.

You're just making things up out of ignorance.
They're set up correctly and work well for seven years already.


-- 
With best regards,
Andrey Repin
Thursday, April 9, 2015 21:42:52

Sorry for my terrible english...



More information about the samba mailing list