[Samba] How can I have new users/groups to include posixAccount/posixGroup schema automatically?
anrdaemon at yandex.ru
Thu Apr 9 14:17:54 MDT 2015
Greetings, Rowland Penny!
>>> well tough, the smbldap-tools were written to do a job, map windows
>>> users to unix users and vice versa.
>> No. smbldap-tools were doing exactly the same as AD do: kept all users in one
> Similar, but not the same, with smbldap-tools you had Unix and ldap
If you want to put it that way...
> with Samba4 AD,
...I have Unix and AD users.
> just like windows AD, you just have AD users.
>>> So what you need now is something to do the same, except you don't have
>>> separate Unix users any more,
>> I never had separate unix users ever (aside from one user - myself, but that
>> was more of a requirement of OS installation process).
>>> just users in AD who can also be Unix users.
>>> If you want your Unix users to have the same IDs everywhere, you need to
>>> use the RFC2307 attributes,
>>> at the moment, how the attributes get into AD is up to you, use ADUC,
>> Time-consuming, requires available Win7 machine. In short - not an option.
>> Doesn't work, as evidently demonstrated recently in the list.
>>> or write your own scripts.
>> The problem with any homemade script is that it isn't portable, and only go as
>> far, as the script writer's understanding of the things at hand.
>> My personal understanding of the AD schema is very limited. I could throw
>> something together, but in reality, I'd rather not do anything like that
>> All that being said, I see the situation as very disturbing. The lack of the
>> very basic, essential tools to manage user/group creation... I'm speechless.
> The user tools are there, they are mostly on windows though.
Can you list some of them?
RSAT is not an option - the only Win7 Pro system at work is a render farm that
have its own work to do, than to let me twitch the checkboxes in some
With best regards,
Thursday, April 9, 2015 22:48:25
Sorry for my terrible english...
More information about the samba