[Samba] (properly formatted) Re: adman howto ? and is it safe to apply

Sérgio Basto sergio at serjux.com
Thu Jan 23 04:59:59 UTC 2020


On Wed, 2020-01-22 at 23:05 -0500, Jonathon Reinhart wrote:
> >  security = ads, backend = ad is working !!! 
> > 
> > but I don't have the bultin Administrator, can I add the
> > Administrator
> > ? 
> 
> Per Rowland's advice, Administrator should *not* be assigned a
> uidNumber. I don't claim to fully understand why.

OK , I made some confusion , I see now that Administrator user is
working now, so no need further ids :) 

> > other thing all user have the same  gidNumber, even user from
> > OU=Admins
> > ... , is this supposed to be like this ? 
> 
> Adman first assigns a gidNumber to all of your groups.

with `wbinfo -r user` and with `wbinfo --gid-info=gid` I see that users
have several groups , i.e. is working ! 

Many thanks for all the support . 

BTW, I have 2 fixes for adman , one is support Python 3.6 , using [1]
and second in parse_time [2]


[1]
from subprocess import PIPE
cp = subprocess.run(args, check=True, stdout=PIPE, stderr=PIPE,
universal_newlines=True)

[2]
import dateutil.parser
   try:
        # Heimdal: Dec 30 12:05:58 2019
        return dateutil.parser.parse(s)
    except ValueError:
        pass


> Then, it sets each users's gidNumber to the gidNumber of their
> "Primary Group". It turns out this is somewhat unnecessary because
> Winbind follows the same logic. But other LDAP clients might not.
>  
> Currently the uidNumber / gidNumber assignment does nothing based on
> the OU in which the users exist.
> 
> Jonathon
-- 
Sérgio M. B.




More information about the samba mailing list