[Samba] How to learn abut what is in the samba ldap directory
Rowland Penny
rowlandpenny241155 at gmail.com
Sun Sep 6 18:46:51 UTC 2015
On 06/09/15 19:18, Robert Moskowitz wrote:
>
>
> On 09/06/2015 01:26 PM, Marc Muehlfeld wrote:
>> Hello Robert,
>>
>> Am 06.09.2015 um 19:08 schrieb Robert Moskowitz:
>>> I once upon a time worked with DAP and watched LDAP being created as
>>> something that actually could work...
>> what are your goals, by editing LDAP stuff in AD?
>>
>> For beginners, I think ADUC (Active Directory User and Computer), which
>> is part of RSAT (https://wiki.samba.org/index.php/Installing_RSAT), is
>> the best way to change attributes on directory objects.
>>
>> On each object you have an "Attributes" tab, that allows you to access
>> all attributes in an easy way.
>>
>> Beside deleting some important objects (don't delete if you're not
>> knowing the results!), I think this is the easiest and safest way for
>> beginners.
>
> I just want to understand what information is in the ldap directory.
>
> What does the schema(s) containg?
OK, try this run on the DC (requires ldb-tools):
ldbsearch -H /var/lib/samba/private/sam.ldb > samba4.ldif
Now open 'samba4.ldif' in your favourite editor
If you want to also see the DNS info:
ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs > samba4.ldif
If you want to see the binary DNS info:
ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs --show-binary >
samba4.ldif
>
> What did the classicupgrade create?
>
> What gets added when I add a server?
ldbsearch -H /var/lib/samba/private/sam.ldb '(objectclass=computer)'
Will print all Computers
ldbsearch -H /var/lib/samba/private/sam.ldb
'(&(objectclass=computer)(samaccountname=Thinkpad$))'
Will print the info for a particular computer (in this case, one called
'Thinkpad')
ldbsearch -H /var/lib/samba/private/sam.ldb -b 'OU=Domain
Controllers,DC=example,DC=com' -s sub '(objectclass=computer)'
Will print all DCs
ldbsearch -H /var/lib/samba/private/sam.ldb -b 'OU=Domain
Controllers,DC=example,DC=com' -s sub
'(&(objectclass=computer)(samaccountname=dc1$))'
Will print the info for particular DC.
>
> A user?
>
ldbsearch -H /var/lib/samba/private/sam.ldb
'(&(objectclass=user)(samaccountname=rowland))'
Will print the info for a user.
> Did any of my users get added via the classicupgrade?
Don't know, but you now know how to check what is in AD, but if you want
a quick check, run 'wbinfo -u', this should print out all your users.
>
> I know better than to change things with something like phpldapadmin.
> I have messed up enough things in the past with phpmysqladmin! :)
>
>
Been there, done that :-)
Rowland
More information about the samba
mailing list