[Samba] Scripting the next UID/GID number to use

Prunk Dump prunkdump at gmail.com
Wed May 30 14:19:11 UTC 2018


Hello.

If you want, I have already implemented something like this:

###############################
# get user rfc2307 attributes #
###############################

# get the new uid #
userUid=$(s4ldbsearch -H "$samDatabase" -s base \
   -b "CN=$shortDomain,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,$baseDN" \
   msSFU30MaxUidNumber | grep 'msSFU30MaxUidNumber:')
if [ -z "$userUid" ]; then
   userUid="$baseUid"
else
   userUid=$(echo "$userUid" | sed 's/^msSFU30MaxUidNumber: \(.*\)/\1/')
fi

# get the gid #
strgid=$(wbinfo --group-info="$userClassGroup")
userGid=$(echo $strgid | cut -d ":" -f 3)


#################
#create the user
#################
echo "Creating s4 posix user $userName"

# create the user #
samba-tool user create $userName --userou=$userClassDN --random-password \
--profile-path="\\\\${userServer}\\${profileShare}\\${userName}" \
--home-directory="\\\\${userServer}\\${homeShare}\\${userName}" \
--home-drive="$homeDrive" \
--nis-domain=${shortDomain,,} \
--unix-home="/dnfs/${homeShare}/${userServer}/$userName" \
--uid-number="$userUid" \
--gid-number="$userGid" \
--login-shell="/bin/bash"


# set passwd #
samba-tool user setpassword "$userName" --newpassword="$userPasswd"
samba-tool user setexpiry --noexpiry "$userName"

############
# next uid #
############
nextUid=$((userUid+1))

# mktemp gives an unpredictable file name instead of /tmp/$userName
ldifFile=$(mktemp)

echo "dn: CN=$shortDomain,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,$baseDN
changetype: modify
replace: msSFU30MaxUidNumber
msSFU30MaxUidNumber: $nextUid" > "$ldifFile"

ldbmodify --url="$samDatabase" -b "$baseDN" "$ldifFile"
rm -f "$ldifFile"


######################
# associate the user
# with the class groups
######################
IFS=','
for classGroupOU in $userClassDN; do
   classGroup=${classGroupOU#OU=}
   classGroup=${classGroup,,}
   samba-tool group addmembers $classGroup $userName
done
unset IFS


#######################################
# set primarySID corresponding to gid #
#######################################

#get the group sid from the gid
strsid=$(wbinfo --gid-to-sid=$userGid)
primarygid=$(echo $strsid | cut -d "-" -f 8)


# set the user primarySID
# mktemp gives an unpredictable file name instead of /tmp/$userName
ldifFile=$(mktemp)

echo "dn: CN=$userName,$userClassDN,$baseDN
changetype: modify
replace: primarygroupid
primarygroupid: $primarygid" > "$ldifFile"

ldbmodify --url="$samDatabase" -b "$baseDN" "$ldifFile"
rm -f "$ldifFile"


I give you my script.

Regards,

Baptiste.

2018-05-30 15:48 GMT+02:00 Marco Gaiarin via samba <samba at lists.samba.org>:
> Hello! Rowland Penny via samba
>   On that day it was said...
>
>> If you just do a 'replace' it will do just that, it will replace the
>> attribute value, even if something has managed to get in before you and
>> changed it, so you could 'replace' the value with the same value.
>
>> If you 'delete' the old value first and it isn't the value you think it
>> is, the delete will fail and the entire update will fail.
>> If you 'add' a new value and the 'delete' failed, the 'add' will fail
>> because the attribute is single-valued and already exists.
>
> Uh, wonderful, now it is perfectly clear.
>
> And I've also noted, only now, that I can do a 'delete with value', which I
> was not aware of...
>
>
> Thanks!
>
> --
> dott. Marco Gaiarin                                     GNUPG Key ID: 240A3D66
>   Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
>   Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
>   marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
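
Added example (not part of the original post and not Samba's own code): the script above reads msSFU30MaxUidNumber and later writes it back with 'replace', so two concurrent runs can hand out the same uid. The functions below use the delete-with-value plus add update described in the quoted reply and retry when the delete fails; the function names and the LDB_SEARCH/LDB_MODIFY variables are assumptions made for illustration, and the counter is assumed to be initialised already.

```bash
#!/usr/bin/env bash
# Added example: compare-and-swap bump of msSFU30MaxUidNumber.
# LDB_SEARCH / LDB_MODIFY are hypothetical hooks so the tools can be stubbed.
LDB_SEARCH=${LDB_SEARCH:-ldbsearch}
LDB_MODIFY=${LDB_MODIFY:-ldbmodify}

# LDIF that deletes the value we read and adds its successor in one modify.
# If the stored value is no longer $2, the delete fails and nothing changes.
build_uid_cas_ldif() {    # $1=counter DN  $2=value read  $3=value to store
    printf '%s\n' "dn: $1" "changetype: modify" \
        "delete: msSFU30MaxUidNumber" "msSFU30MaxUidNumber: $2" "-" \
        "add: msSFU30MaxUidNumber" "msSFU30MaxUidNumber: $3"
}

# Print the current counter value; prints nothing if the attribute is unset.
read_max_uid() {          # $1=sam.ldb URL  $2=counter DN
    "$LDB_SEARCH" -H "$1" -s base -b "$2" msSFU30MaxUidNumber |
        sed -n 's/^msSFU30MaxUidNumber: \([0-9][0-9]*\)$/\1/p'
}

# Reserve one uid and print it. Returns 1 if every attempt lost the race,
# 2 if the counter has not been initialised.
allocate_uid() {          # $1=sam.ldb URL  $2=counter DN  $3=max attempts
    local tries cur ldif
    tries="${3:-5}"
    ldif=$(mktemp) || return 1          # unpredictable temp file name
    while [ "$tries" -gt 0 ]; do
        cur=$(read_max_uid "$1" "$2")
        if [ -z "$cur" ]; then rm -f "$ldif"; return 2; fi
        build_uid_cas_ldif "$2" "$cur" "$((cur + 1))" > "$ldif"
        if "$LDB_MODIFY" -H "$1" "$ldif" >/dev/null 2>&1; then
            rm -f "$ldif"; echo "$cur"; return 0
        fi
        tries=$((tries - 1))            # value changed under us: re-read, retry
    done
    rm -f "$ldif"; return 1
}
```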

