[Samba] winbind on DC : how use gidNumber instead of primaryGroupID as user's primary group
Rowland penny
rpenny at samba.org
Tue Aug 20 08:47:36 UTC 2019
On 20/08/2019 09:19, Prunk Dump via samba wrote:
> Le lun. 19 août 2019 à 12:37, Rowland penny via samba
> <samba at lists.samba.org> a écrit :
>> On 19/08/2019 11:13, Prunk Dump via samba wrote:
>>> Last important thing. I use some script to manage my users from Linux.
>>> As I can't use the "id" command to get the user gidNumber on DC :
>>>
>>> What is the fastest command to get the user gidNumber value on a samba DC ?
>>>
>> Sounds like you haven't set up the libnss-winbind links, but when you
>> do, don't be surprised if you get IDs in the '3000000' range
>>
>> Rowland
> Sorry I don't formulate my question very well. Libnss-winbind is well
> configured on my DC. But :
>
> On some of my scripts I need to get the users "gidNumber" attribute
> value. As on DC winbind always give "Domain Users" as gid I can't use
> the "id" or "wbinfo' command to get the "gidNumber" attribute value.
> So my question is : Is there a faster equivalent of this command :
>
> ldbsearch -H /var/lib/samba/private/sam.ldb -b
> a_base_dn_that_contain_all_my_users '(cn=myusername)' gidNumber | grep
> gidNumber | sed 's/gidNumber: //'
>
> Is there a samba command to get as fast as possible an user LDAP
> attribute values ?
No, but if there was, it would probably be a python variant of the above.
You could investigate nslcd.
Rowland
More information about the samba
mailing list