[Samba] rfc2307 deprecated in Windows 2012 R2?
Hans-Kristian Bakke
hkbakke at gmail.com
Thu Jan 29 15:53:41 MST 2015
Ok, it's here: http://pastebin.com/JEnr5wUq
The id_offset is that value because i initially didn't use rfc2307
attributes, but instead
On 29 January 2015 at 23:27, Tim <lists at kiuni.de> wrote:
> @Hans-Kristian:
> I'd like to see it. How did you automate this?
>
> @Andrew:
> In another thread I suggested to set the rfc2307 info automatically when a
> domain is provisioned with --use-rfc2307. Possibly by an additional
> parameter.
> This would make things easier in my eyes.
>
> Thanks
> Tim
>
> Am 29. Januar 2015 22:02:14 MEZ, schrieb Hans-Kristian Bakke
> <hkbakke at gmail.com>:
>>
>> It is actually rather easy to set the attributes via powershell, and
>> that is probably the best way to add them in a Server 2012 R2
>> environment.
>>
>> I wrote a powershell script to do this automatically for users and
>> groups in an entire domain that should be pretty generic to be reused.
>> It also mirrors the logic used in automatic winbind UID/GID generation
>> to be able to coexist in an environment where not all hosts are
>> migrated to rfc2307 yet. If you want it I can give it to you, but as
>> you proably would want to write your own powershell-script you would
>> set properties for users and groups using these two cmdlets and some
>> foreach-logic looping over your search bases, users and groups:
>>
>> Set-ADUser -Identity $username -Replace
>>
>> @{uidNumber=$uid;gidNumber=$primary_group_gid;unixHomeDirectory=$homedir;loginShell=$login_shell}
>>
>> Set-ADGroup -Identity $groupname -Replace @{gidNumber=$gid}
>>
>> On 29 January 2015 at 21:24, Lars Hanke <debian at lhanke.de> wrote:
>>>
>>> Am 29.01.2015 um 21:12 schrieb Tim:
>>>>
>>>>
>>>> But if they take it away how to set them in future?
>>>
>>>
>>>
>>> If you need NIS, you probably have POSIX systems attached. So you can
>>> always
>>> set RFC2307 attributes from POSIX systems.
>>>
>>>
>>>> Am 29. Januar 2015 19:50:22 MEZ, schrieb Andrew Bartlett
>>>> <abartlet at samba.org>:
>>>>>
>>>>>
>>>>> On Wed, 2015-01-28 at 17:22 +0100, Tim wrote:
>>>>>>
>>>>>>
>>>>>> I got the chance to test samba 4 with windows 2012 R2 domain
>>>>>> controller on its highest functional level.
>>>>>>
>>>>>> Possibly it's important to know that M$ says that the "server for NIS
>>>>>> Tools" which are needed to set rfc attributes are deprecated.
>>>>>> I could install them but I can't choose a NIS domain anymore in Unix
>>>>>> attributes.
>>>>>>
>>>>>> Will we run into problems with samba4? Is it time for thinking about
>>>>>
>>>>>
>>>>> a
>>>>>>
>>>>>>
>>>>>> new idmapping backend? I have an idea for this (based on rid module)
>>>>>> but I like to know your thoughts.
>>>>>
>>>>>
>>>>>
>>>>> Even if they take away the admin tools, the schema changes won't go
>>>>> away, so don't worry.
>>>>>
>>>>> --
>>>>> Andrew Bartlett
>>>>> http://samba.org/~abartlet/
>>>>> Authentication Developer, Samba Team http://samba.org
>>>>> Samba Developer, Catalyst IT
>>>>> http://catalyst.net.nz/services/samba
>>>
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list