[Samba] Adding users with ldif file

Rowland penny rpenny at samba.org
Thu Jul 16 11:36:58 UTC 2020 

On 16/07/2020 12:22, RhineDevil wrote:
> Thu, 16 Jul 2020 11:45:19 +0100 Rowland penny via samba <samba at lists.samba.org>:
>> On 16/07/2020 11:24, RhineDevil wrote:
>>> Thu, 16 Jul 2020 10:56:58 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>> On 16/07/2020 10:39, RhineDevil wrote:
>>>>> Thu, 16 Jul 2020 10:31:04 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>>>> On 16/07/2020 10:14, RhineDevil via samba wrote:
>>>>>>> How could I add users and groups using ldif files without interacting with samba-tool?
>>>>>> You will need to write your own scripts around ldapmodify or ldbmodify.
>>>>>>
>>>>>> Rowland
>>>>>>
>>>>> Yes but what fields are required and what autogenerated?
>>>>> Could I have a basic example?
>>>> It depends on whether we are talking about pure Windows users & groups
>>>> or Unix users & groups. I suppose it also depends on where you are going
>>>> to administrate them from.
>>>>
>>>> Can I ask what is wrong with using samba-tool ?
>>>>
>>>> Rowland
>>>>
>>> AFAIK doesn't allow full 1:1 export about gecos, shell and various things from /etc/ flat files
>>> We're talking about Unix users and groups, but made in a way that they're both available in the AD and in NIS. This obviously takes as requirement that RFC2307 was enabled during installation
>> No it doesn't, first, all the RFC2307 attributes are available from the
>> standard AD schema, what isn't installed is the ldif required by IDMU.
>> Secondly, samba-tool can add the required RFC2307 attributes when you
>> create a user or group, you just need to add the required switches to
>> the command. See 'samba-tool user create --help' and 'samba-tool group
>> add --help' for more info and examples.
>>
>> Rowland
>>
> What's IDMU?
Identity Management for UNIX or what gave you the Unix attribute tabs on 
ADUC (Active Directory Users & Computers)
> Yeah I knew how to add RFC2307 support, didn't explain well
> Seen right now the samba-tool user create options, they look nice, maybe migration would be more easy than I thought
>
> And about other data normally supported by a full schema like /etc/aliases /etc/fstab (potentially) /etc/hosts, /etc/networks, /etc/protocols, /etc/rpc, /etc/services and /etc/netgroup?

That would be NIS, you do not need NIS, but if you do and can make it 
work, you will need to add the ypServ30.ldif

Rowland

More information about the samba mailing list