[Samba] Changing default UID/GID beginning for AD
Daniel Thielking
daniel.thielking at ias.rwth-aachen.de
Mon Jun 13 06:27:19 UTC 2016
Yes of course. We use Samba4 ADDC with winbind to get unix attributes
from the DC to the clients. But every time we creating a new member in
the AD we have to change the default shell what is /bin/sh to /bin/tcsh.
So we want to change the default value of the field in the AD that we
don't have to change it every time.
The users logging in on a unix domain member. No login on DC themselves.
Samba Version is 4.4.4 compiled from source no extra options chosen.
____________________________________________ Fachinformatiker für
Systemintegration RWTH Aachen Lehrstuhl für Integrierte
Analogschaltungen Raum 238 ICT Cubes Kopernikusstrasse 16 52074 Aachen
www.ias.rwth-aachen.de E-mail: Daniel.Thielking at ias.rwth-aachen.de
Telefon: 0241-8020647 _____________________________________________
In short, when Samba joined to AD: On DC: winbind[d] is designed to
refuse AD users on DC, to do that all users from AD get shell=/bin/false
for their connection tries are refused by DC On Members: You just have
to set a shell in AD LDAP tree using RFC2307 attributes, for sheel it is
"loginShell". Then winbind will give your users the shell you defined.
No sheel defined and you fallbck on "template shell" which by default is
set to /bin/false.
On 10/06/16 15:45, Daniel Thielking wrote:
> Dear Colleagues,
>
> we have a Samba4 DC in our environment. We are storing unix
> Information in samba's AD.
> Our Problem is:
>
> The default values are not fitting for our environment.
> We want to store a different Shell e.g /bin/tcsh. But the default
> Value is /bin/sh.
>
> Is it possible, to change those default values so that it fits direct
> at the creation of a user?
>
> Regards and thanks
> Daniel
>
More information about the samba
mailing list