[Samba] How can I have new users/groups to include posixAccount/posixGroup schema automatically?
rowlandpenny at googlemail.com
Thu Apr 9 13:21:56 MDT 2015
On 09/04/15 19:41, Andrey Repin wrote:
> Greetings, Rowland Penny!
>> well tough, the smbldap-tools were written to do a job, map windows
>> users to unix users and vice versa.
> No. smbldap-tools were doing exactly the same as AD do: kept all users in one
Similar, but not the same, with smbldap-tools you had Unix and ldap
users, with Samba4 AD, just like windows AD, you just have AD users.
>> So what you need now is something to do the same, except you don't have
>> separate Unix users any more,
> I never had separate unix users ever (aside from one user - myself, but that
> was more of a requirement of OS installation process).
>> just users in AD who can also be Unix users.
>> If you want your Unix users to have the same IDs everywhere, you need to
>> use the RFC2307 attributes,
>> at the moment, how the attributes get into AD is up to you, use ADUC,
> Time-consuming, requires available Win7 machine. In short - not an option.
> Doesn't work, as evidently demonstrated recently in the list.
>> or write your own scripts.
> The problem with any homemade script is that it isn't portable, and only go as
> far, as the script writer's understanding of the things at hand.
> My personal understanding of the AD schema is very limited. I could throw
> something together, but in reality, I'd rather not do anything like that
> All that being said, I see the situation as very disturbing. The lack of the
> very basic, essential tools to manage user/group creation... I'm speechless.
The user tools are there, they are mostly on windows though.
More information about the samba