[Samba] samba member logon.. question.
Andrey Repin
anrdaemon at yandex.ru
Fri Apr 10 07:22:38 MDT 2015
Greetings, Rowland Penny!
> On 10/04/15 08:54, Luca Olivetti wrote:
>> El 09/04/15 a les 18:31, Rowland Penny ha escrit:
>>
>>> If your tools rely on the posix objectclasses being there, then they are
>>> broken. The posix objectclasses are auxiliaries of other AD
>>> objectclasses and as such, no windows tools will add them.
>> but, e.g., samba-tool with --uid will:
> Yes, I know, but it shouldn't!
Ok, what other schema contains the following attributes:
uidNumber
unixHomeDirectory
loginShell
gidNumber
?
> I believe it is this line in samdb.py that adds it:
> ldbmessage2["objectClass"] = ldb.MessageElement('posixAccount',
> ldb.FLAG_MOD_ADD, 'objectClass')
> If I knew how to format a patch, I would propose its removal, because
> A) I think it shouldn't be there
> B) I know it works without it
> Also, the classicupgrade shouldn't add the posix objectclasses either.
> Why shouldn't you add the posix objectclasses ? Well consider this, you
> have a domain with two admins, one who adds users from Unix using tools
> that add the posix objectclasses and one that uses ADUC and the UNIX
> Attributes tab. The Unix based admin uses tools that rely on the posix
> objectclasses and can see all the users they added, but they will not
> see any users that the ADUC based admin added.
> Or to put it another way, Samba 4 working in AD mode is trying to be
> compatible with windows AD, so Samba shouldn't add anything that windows
> doesn't.
You're making no sense whatsoever. How would your proposed Samba communicate
with POSIX system it is running on then?
--
With best regards,
Andrey Repin
Friday, April 10, 2015 15:51:04
Sorry for my terrible english...
More information about the samba
mailing list