[Samba] Adding users with ldif file

RhineDevil tanyadegurechaff at disroot.org
Fri Jul 17 16:59:06 UTC 2020 

Thu, 16 Jul 2020 14:11:52 +0100 Rowland penny via samba <samba at lists.samba.org>:
> On 16/07/2020 13:51, RhineDevil wrote:
> > Thu, 16 Jul 2020 12:36:58 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >> On 16/07/2020 12:22, RhineDevil wrote:
> >>> Thu, 16 Jul 2020 11:45:19 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >>>> On 16/07/2020 11:24, RhineDevil wrote:
> >>>>> Thu, 16 Jul 2020 10:56:58 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >>>>>> On 16/07/2020 10:39, RhineDevil wrote:
> >>>>>>> Thu, 16 Jul 2020 10:31:04 +0100 Rowland penny via samba <samba at lists.samba.org>:
> >>>>>>>> On 16/07/2020 10:14, RhineDevil via samba wrote:
> >>>>>>>>> How could I add users and groups using ldif files without interacting with samba-tool?
> >>>>>>>> You will need to write your own scripts around ldapmodify or ldbmodify.
> >>>>>>>>
> >>>>>>>> Rowland
> >>>>>>>>
> >>>>>>> Yes but what fields are required and what autogenerated?
> >>>>>>> Could I have a basic example?
> >>>>>> It depends on whether we are talking about pure Windows users & groups
> >>>>>> or Unix users & groups. I suppose it also depends on where you are going
> >>>>>> to administrate them from.
> >>>>>>
> >>>>>> Can I ask what is wrong with using samba-tool ?
> >>>>>>
> >>>>>> Rowland
> >>>>>>
> >>>>> AFAIK doesn't allow full 1:1 export about gecos, shell and various things from /etc/ flat files
> >>>>> We're talking about Unix users and groups, but made in a way that they're both available in the AD and in NIS. This obviously takes as requirement that RFC2307 was enabled during installation
> >>>> No it doesn't, first, all the RFC2307 attributes are available from the
> >>>> standard AD schema, what isn't installed is the ldif required by IDMU.
> >>>> Secondly, samba-tool can add the required RFC2307 attributes when you
> >>>> create a user or group, you just need to add the required switches to
> >>>> the command. See 'samba-tool user create --help' and 'samba-tool group
> >>>> add --help' for more info and examples.
> >>>>
> >>>> Rowland
> >>>>
> >>> What's IDMU?
> >> Identity Management for UNIX or what gave you the Unix attribute tabs on
> >> ADUC (Active Directory Users & Computers)
> >>> Yeah I knew how to add RFC2307 support, didn't explain well
> >>> Seen right now the samba-tool user create options, they look nice, maybe migration would be more easy than I thought
> >>>
> >>> And about other data normally supported by a full schema like /etc/aliases /etc/fstab (potentially) /etc/hosts, /etc/networks, /etc/protocols, /etc/rpc, /etc/services and /etc/netgroup?
> >> That would be NIS, you do not need NIS, but if you do and can make it
> >> work, you will need to add the ypServ30.ldif
> >>
> >> Rowland
> >>
> > (Maybe) last question, how do I purge samba databases?
> 
> Which Samba databases ?
> 
> If you mean 'my user is using the wrong ID' then 'net cache flush'
> 
> Rowland
> 
> 
> 
I mean all dbs containing samba ad-dc data
Forgot to ask something, an LDAP client connecting to samba LDAP implementation can use `cn=mycn,dc=domain,dc=tld` or it's forced to provide DC and CN in uppercase?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: Firma digitale OpenPGP
URL: <http://lists.samba.org/pipermail/samba/attachments/20200717/5ceb29a3/attachment.sig>

More information about the samba mailing list