[Samba] security = ads, backend = ad parameter not working in samba 4.10.10
Sérgio Basto
sergio at serjux.com
Thu Dec 5 19:48:15 UTC 2019
On Thu, 2019-12-05 at 19:27 +0000, Rowland penny via samba wrote:
> On 05/12/2019 19:08, Sérgio Basto wrote:
> > I did a new AD with a new name.
> You get more than a new name
> > Samba 4.0.0 don't have demote
> Yes, but you could have upgraded to a version that did.
> > , I move from a Sernet software to a free
> > and open software in Centos 7 (I use RedHat flavor since 2001) .
> How did you manage to provision an AD DC using red-hat packages ?
I made the packages [1] (BTW I'm a fedora packager maintainer ).
[1] https://github.com/sergiomb2/sambaad
> > I just migrate the users and his password nothing more ... I had
> > to
> > remove a lot of fields, OU(s) etc for example: [1] .
>
> Just which user attributes did you migrate ?
>
> The users objectSid would have contained the SID of the old Domain,
> for
> instance.
Not objectSid, here is the complete list of attributes [2] extracted
from the final file that was imported .
[2]
accountExpires:
badPasswordTime:
badPwdCount:
cn:
description:
displayName:
distinguishedName:
dn:
givenName:
initials:
lastLogoff:
lastLogon:
lastLogonTimestamp:
logonCount:
logonHours:
msDS-SupportedEncryptionTypes:
mSMQDigests:
mSMQSignCertificates:
name:
objectCategory:
objectClass:
sAMAccountName:
servicePrincipalName:
sn:
streetAddress:
unicodePwd:
userAccountControl:
userParameters:
userPrincipalName:
> > And is working very well, I'm very happy, yesterday I upgrade all
> > DC(s)
> > to samba 4.10.10 and it was very smooth .
> This sure surprises me, people have upgrading correctly and have had
> problems.
No one complained, until now :)
> > And well, I want add a new uidNumber and gidNumber to every user
> > and
> > group in AD , how I can do that ? to use backend = ad , I want use
> > backend = ad .
> >
> You can write a script to do this using ldbmodify, or there is
> 'Adam'
> produced by one of regular poster, see here:
>
> https://gitlab.com/JonathonReinhart/adam
>
> Unfortunately, there appears to be a problem with his git at the
> moment :-(
>
> Or you can wait until 4.12.0 is released, samba-tool will then be
> able
> to do it for you.
Great many many Thanks,
> Rowland
>
>
>
--
Sérgio M. B.
More information about the samba
mailing list