[Samba] Migrate mail aliases to AD ypServ30
Rowland penny
rpenny at samba.org
Mon Jul 20 10:56:57 UTC 2020
On 20/07/2020 11:11, RhineDevil via samba wrote:
> How could I migrate these fields to CN=aliases,CN=mail,CN=ypServ30,CN=RpcServices,CN=System,DC=local?
>
> dn: cn=abuse,ou=Aliases,DC=mydomail,DC=local
> cn: abuse
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
>
> dn: cn=noc,ou=Aliases,DC=mydomail,DC=local
> cn: noc
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
>
> dn: cn=security,ou=Aliases,DC=mydomail,DC=local
> cn: security
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
First you will need the rfc822-MailMember.schema and then run that
through oLschema2ldif to produce an ldif to add to AD.
Doing the above, should produce something like this:
dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local
objectClass: top
objectClass: attributeSchema
attributeID: 1.3.6.1.4.1.42.2.27.2.1.15
schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg==
cn: rfc822MailMember
name: rfc822MailMember
lDAPDisplayName: rfc822MailMember
description: rfc822 mail address of group member(s)
attributeSyntax: 2.5.5.5
oMSyntax: 22
isSingleValued: FALSE
dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
objectClass: top
objectClass: classSchema
governsID: 1.3.6.1.4.1.42.2.27.1.2.5
schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A==
cn: nisMailAlias
name: nisMailAlias
lDAPDisplayName: nisMailAlias
subClassOf: top
objectClassCategory: 1
description: NIS mail alias
mustContain: cn
mayContain: rfc822MailMember
defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
You will need to split that into two ldif's one containing the
objectclass, the other the attribute.
You can then add the two ldifs like this:
ldbadd -H path_to_sam_ldb attr.ldif --option="dsdb:schema update
allowed"=true
ldbadd -H path_to_sam_ldb class.ldif --option="dsdb:schema update
allowed"=true
You could then add your ldif (modified to suit AD):
dn:
cn=abuse,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local
cn: abuse
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root
dn: cn=noc,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local
cn: noc
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root
dn:
cn=security,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local
cn: security
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root
Whilst the above should work, I have never tried it. You should be aware
that extending the AD schema is a one way action, you can never remove it.
If you do extend your schema, you do this at your own risk, do not blame
me if it goes wrong.
Rowland
More information about the samba
mailing list