[Samba] Adding users with ldif file
rpenny at samba.org
Thu Jul 16 11:36:58 UTC 2020
On 16/07/2020 12:22, RhineDevil wrote:
> Thu, 16 Jul 2020 11:45:19 +0100 Rowland penny via samba <samba at lists.samba.org>:
>> On 16/07/2020 11:24, RhineDevil wrote:
>>> Thu, 16 Jul 2020 10:56:58 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>> On 16/07/2020 10:39, RhineDevil wrote:
>>>>> Thu, 16 Jul 2020 10:31:04 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>>>> On 16/07/2020 10:14, RhineDevil via samba wrote:
>>>>>>> How could I add users and groups using ldif files without interacting with samba-tool?
>>>>>> You will need to write your own scripts around ldapmodify or ldbmodify.
>>>>> Yes but what fields are required and what autogenerated?
>>>>> Could I have a basic example?
>>>> It depends on whether we are talking about pure Windows users & groups
>>>> or Unix users & groups. I suppose it also depends on where you are going
>>>> to administrate them from.
>>>> Can I ask what is wrong with using samba-tool ?
>>> AFAIK doesn't allow full 1:1 export about gecos, shell and various things from /etc/ flat files
>>> We're talking about Unix users and groups, but made in a way that they're both available in the AD and in NIS. This obviously takes as requirement that RFC2307 was enabled during installation
>> No it doesn't, first, all the RFC2307 attributes are available from the
>> standard AD schema, what isn't installed is the ldif required by IDMU.
>> Secondly, samba-tool can add the required RFC2307 attributes when you
>> create a user or group, you just need to add the required switches to
>> the command. See 'samba-tool user create --help' and 'samba-tool group
>> add --help' for more info and examples.
> What's IDMU?
Identity Management for UNIX or what gave you the Unix attribute tabs on
ADUC (Active Directory Users & Computers)
> Yeah I knew how to add RFC2307 support, didn't explain well
> Seen right now the samba-tool user create options, they look nice, maybe migration would be more easy than I thought
> And about other data normally supported by a full schema like /etc/aliases /etc/fstab (potentially) /etc/hosts, /etc/networks, /etc/protocols, /etc/rpc, /etc/services and /etc/netgroup?
That would be NIS, you do not need NIS, but if you do and can make it
work, you will need to add the ypServ30.ldif
More information about the samba