[Samba] Changing default UID/GID beginning for AD
Rowland penny
rpenny at samba.org
Mon Jun 13 16:27:51 UTC 2016
On 13/06/16 13:13, mathias dufresne wrote:
> I loved to find out how to achieve that.
>
> I did looked for information, all I found was that:
> https://social.technet.microsoft.com/Forums/en-US/3e184d10-09e3-4eab-9131-6694b86879f8/modify-default-value-of-loginshell-attribute?forum=winserverDS
>
> Unfortunately it seems to list all users (I don't know these MS commands
> but "Get-AdUser -Filter"...) then sending that list to something to modify
> received users list ("Set-AdObject -Replace
> @{unixhomedirectory='/bin/sh','bin/bash'}" and
> https://technet.microsoft.com/en-us/library/ee617215.aspx).
You could always use ldbmodify on the Samba4 DC and the attribute you
need to change for the users login shell is 'loginShell' :-)
>
> I would have looked into AD schema and configuration DIT (or naming
> context?) but first I did a grep on Samba's source tree looking for
> "/bin/sh" string but that strnig seems to be used for running commands and
> shebangs only, I could easily have missed something anyway.
Try reading
/usr/local/samba/share/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt
Note: the path to your copy may vary.
Rowland
>
> A cheating method is to give that task (user creation) to another team or
> to use LDIF to create user, but you already thought about these options I
> expect : )
>
> Cheers,
>
> mathias
>
>
More information about the samba
mailing list