[Samba] Adding users with ldif file

Rowland penny rpenny at samba.org
Thu Jul 16 13:11:52 UTC 2020 

On 16/07/2020 13:51, RhineDevil wrote:
> Thu, 16 Jul 2020 12:36:58 +0100 Rowland penny via samba <samba at lists.samba.org>:
>> On 16/07/2020 12:22, RhineDevil wrote:
>>> Thu, 16 Jul 2020 11:45:19 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>> On 16/07/2020 11:24, RhineDevil wrote:
>>>>> Thu, 16 Jul 2020 10:56:58 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>>>> On 16/07/2020 10:39, RhineDevil wrote:
>>>>>>> Thu, 16 Jul 2020 10:31:04 +0100 Rowland penny via samba <samba at lists.samba.org>:
>>>>>>>> On 16/07/2020 10:14, RhineDevil via samba wrote:
>>>>>>>>> How could I add users and groups using ldif files without interacting with samba-tool?
>>>>>>>> You will need to write your own scripts around ldapmodify or ldbmodify.
>>>>>>>>
>>>>>>>> Rowland
>>>>>>>>
>>>>>>> Yes but what fields are required and what autogenerated?
>>>>>>> Could I have a basic example?
>>>>>> It depends on whether we are talking about pure Windows users & groups
>>>>>> or Unix users & groups. I suppose it also depends on where you are going
>>>>>> to administrate them from.
>>>>>>
>>>>>> Can I ask what is wrong with using samba-tool ?
>>>>>>
>>>>>> Rowland
>>>>>>
>>>>> AFAIK doesn't allow full 1:1 export about gecos, shell and various things from /etc/ flat files
>>>>> We're talking about Unix users and groups, but made in a way that they're both available in the AD and in NIS. This obviously takes as requirement that RFC2307 was enabled during installation
>>>> No it doesn't, first, all the RFC2307 attributes are available from the
>>>> standard AD schema, what isn't installed is the ldif required by IDMU.
>>>> Secondly, samba-tool can add the required RFC2307 attributes when you
>>>> create a user or group, you just need to add the required switches to
>>>> the command. See 'samba-tool user create --help' and 'samba-tool group
>>>> add --help' for more info and examples.
>>>>
>>>> Rowland
>>>>
>>> What's IDMU?
>> Identity Management for UNIX or what gave you the Unix attribute tabs on
>> ADUC (Active Directory Users & Computers)
>>> Yeah I knew how to add RFC2307 support, didn't explain well
>>> Seen right now the samba-tool user create options, they look nice, maybe migration would be more easy than I thought
>>>
>>> And about other data normally supported by a full schema like /etc/aliases /etc/fstab (potentially) /etc/hosts, /etc/networks, /etc/protocols, /etc/rpc, /etc/services and /etc/netgroup?
>> That would be NIS, you do not need NIS, but if you do and can make it
>> work, you will need to add the ypServ30.ldif
>>
>> Rowland
>>
> (Maybe) last question, how do I purge samba databases?

Which Samba databases ?

If you mean 'my user is using the wrong ID' then 'net cache flush'

Rowland

More information about the samba mailing list