[Samba] ADUC missing msNPAllowDialin and need vpn advice for ad setup.
Rowland Penny
rpenny at samba.org
Thu Dec 14 14:20:04 UTC 2017
On Thu, 14 Dec 2017 13:52:29 +0100
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
>
> Readin : https://wiki.samba.org/index.php/Samba_AD_schema_extensions
>
> Is it an option to make an ldiff for the msNPAllowDialin and others
> on that Dail-in Tab. Im looking at the automount example.
> Hints tips?
>
>
> Greetz,
>
> Louis
OK, I take it back, I do have 'msNPAllowDialin' in AD:
root at dc1:~# ldbsearch --cross-ncs -H /var/lib/samba/private/sam.ldb -b 'CN=Schema,CN=Configuration,DC=example,DC=com' -s sub '(cn=msNPAllowDialin)'
# record 1
dn: CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC=com
objectClass: top
objectClass: attributeSchema
cn: msNPAllowDialin
instanceType: 4
whenCreated: 20171206114944.0Z
whenChanged: 20171206114944.0Z
uSNCreated: 755
attributeID: 1.2.840.113556.1.4.1119
attributeSyntax: 2.5.5.8
isSingleValued: TRUE
uSNChanged: 755
showInAdvancedViewOnly: TRUE
adminDisplayName: msNPAllowDialin
adminDescription: msNPAllowDialin
oMSyntax: 1
searchFlags: 16
lDAPDisplayName: msNPAllowDialin
name: msNPAllowDialin
objectGUID: cf7b3ec9-7055-428b-826a-41a526cca483
schemaIDGUID: db0c9085-c1f2-11d1-bbc5-0080c76670c0
attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939
systemOnly: FALSE
systemFlags: 16
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=example,DC=c
om
distinguishedName: CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=example,DC
=com
# returned 1 records
# 1 entries
# 0 referrals
I created an ldif:
dn: CN=sysadmin,OU=itadmin,OU=personnel,OU=People,DC=example,DC=com
changetype: modify
add: msNPAllowDialin
msNPAllowDialin: TRUE
Added the ldif with:
ldbmodify --url=/var/lib/samba/private/sam.ldb msadd.ldif
I now have a user with the 'msNPAllowDialin' attribute
Rowland
More information about the samba
mailing list