[Samba] Wither "uidNumber" and "gidNumber"? (was: Re: ldbedit: no matching records - cannot edit (newly-created user))
jseymour at LinxNet.com
Sat Sep 12 20:18:11 UTC 2015
On Sat, 12 Sep 2015 17:59:54 +0100
Rowland Penny <rowlandpenny241155 at gmail.com> wrote:
> OK, now you will need an ldif like this:
> dn: CN=Test User,CN=Users,DC=example,DC=com
> changetype: modify
> add: uid
> uid: user
Where you write "user" in your example, you mean "username," as
opposed to UID, correct?
> add: msSFU30NisDomain
> msSFU30NisDomain: example # change this to your lowercase domain
By "domain" ("example" in your example), do you mean the "Samba NT
Domain" (what shows up for "workgroup =" in smb.conf) or the domain
in which the AD DC resides, minus the TLD? (e.g.: "example.com"
less the ".com" or "dc.example.com" less the ".com"?) I *suspect*
you mean the "NT Domain" or workgroup name.
> add: gidNumber
> gidNumber: 10000 # what ever gidNumber you gave to Domain Users
This is the number you earlier said most people set to 513 or 20513,
yes? Is there a reason most people use one of those numbers? Is
there a common/traditional Unix group name associated with whatever
that GID is? (e.g.: "domusers," "ntusers" or the like?)
> add: unixUserPassword
> unixUserPassword: ABCD!efgh12345$67890 # dummy unix password that
> ADUC gives to all Unix users
Is this a no-op field, or should (can) it have the Unix password, or
should it explicitly *not* have the Unix password or what?
Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.LinxNet.com/contact/scform.php>.
More information about the samba