[Samba] How can I have new users/groups to include posixAccount/posixGroup schema automatically?
anrdaemon at yandex.ru
Fri Apr 10 06:50:28 MDT 2015
Greetings, Rowland Penny!
>>>>>>> well tough, the smbldap-tools were written to do a job, map windows
>>>>>>> users to unix users and vice versa.
>>>>>> No. smbldap-tools were doing exactly the same as AD do: kept all users in one
>>>>> Similar, but not the same, with smbldap-tools you had Unix and ldap
>>>> If you want to put it that way...
>>>>> with Samba4 AD,
>>>> ...I have Unix and AD users.
>>>>> just like windows AD, you just have AD users.
>>> Lets put it this way, you cannot have a local Unix user and an AD user
>>> with the same name.
>> That is true for LDAP users as well. When LDAP available, it always overshadow
>> my local account with LDAP one.
> This is one area you need to read up on, whilst with LDAP you can have a
> user called 'joe' in /etc/passwd and LDAP, you cannot do this with AD,
> your users must be either in /etc/passwd or AD, but not in both.
uid=1000(anrdaemon) gid=1000(anrdaemon) groups=1000(anrdaemon),4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(fuse),114(lpadmin),118(sambashare),120(admin),512(domain admins),513(domain users)
Practice >>> Theory
>>>>> The user tools are there, they are mostly on windows though.
>>>> Can you list some of them?
>>>> RSAT is not an option - the only Win7 Pro system at work is a render farm that
>>>> have its own work to do, than to let me twitch the checkboxes in some
>>>> overloaded GUI.
So, what about tools?
Do you really know any, or just throwing ideas to the wind?
>>> If you only have access to one windows domain machine, why are you
>>> running an AD domain, you would probably be better of running NFS
>> I have six Windows machines that I'm responsible for. Only one of them is Win7.
>> There's other machines (personal notebooks that are not part of the domain),
>> that are using SSH/VPN/CIFS access to the servers.
>>> I am coming to believe that you want everything handing to you on plate,
>>> i.e. you don't really want to help yourself, you want everybody to do
>>> your work for you.
>> I've already "helped myself" in the past three months. That's a big chunk of
>> life taken away by something that should have been a relatively simple
>> All I want now is a working system that would not require my everyday
>> attention for the next seven years.
>> Is this too much to ask for?
With best regards,
Friday, April 10, 2015 15:23:25
Sorry for my terrible english...
More information about the samba