[Samba] Migrate mail aliases to AD ypServ30

RhineDevil tanyadegurechaff at disroot.org
Mon Jul 20 16:52:39 UTC 2020


Mon, 20 Jul 2020 11:56:57 +0100 Rowland penny via samba <samba at lists.samba.org>:
> On 20/07/2020 11:11, RhineDevil via samba wrote:
> > How could I migrate these fields to CN=aliases,CN=mail,CN=ypServ30,CN=RpcServices,CN=System,DC=local?
> >
> > dn: cn=abuse,ou=Aliases,DC=mydomail,DC=local
> > cn: abuse
> > objectClass: nisMailAlias
> > objectClass: top
> > rfc822MailMember: root
> >
> > dn: cn=noc,ou=Aliases,DC=mydomail,DC=local
> > cn: noc
> > objectClass: nisMailAlias
> > objectClass: top
> > rfc822MailMember: root
> >
> > dn: cn=security,ou=Aliases,DC=mydomail,DC=local
> > cn: security
> > objectClass: nisMailAlias
> > objectClass: top
> > rfc822MailMember: root
> 
> First you will need the rfc822-MailMember.schema and then run that 
> through oLschema2ldif to produce an ldif to add to AD.
> 
> Doing the above, should produce something like this:
> 
> dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local
> objectClass: top
> objectClass: attributeSchema
> attributeID: 1.3.6.1.4.1.42.2.27.2.1.15
> schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg==
> cn: rfc822MailMember
> name: rfc822MailMember
> lDAPDisplayName: rfc822MailMember
> description: rfc822 mail address of group member(s)
> attributeSyntax: 2.5.5.5
> oMSyntax: 22
> isSingleValued: FALSE
> 
> dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
> objectClass: top
> objectClass: classSchema
> governsID: 1.3.6.1.4.1.42.2.27.1.2.5
> schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A==
> cn: nisMailAlias
> name: nisMailAlias
> lDAPDisplayName: nisMailAlias
> subClassOf: top
> objectClassCategory: 1
> description: NIS mail alias
> mustContain: cn
> mayContain: rfc822MailMember
> defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local
> 
> You will need to split that into two ldifs, one containing the 
> objectclass, the other the attribute.
> 
> You can then add the two ldifs like this:
> 
> ldbadd -H path_to_sam_ldb attr.ldif --option="dsdb:schema update allowed"=true
> ldbadd -H path_to_sam_ldb class.ldif --option="dsdb:schema update allowed"=true
> 
> You could then add your ldif (modified to suit AD):
> 
> dn: cn=abuse,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local
> cn: abuse
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
> 
> dn: cn=noc,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local
> cn: noc
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
> 
> dn: cn=security,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local
> cn: security
> objectClass: nisMailAlias
> objectClass: top
> rfc822MailMember: root
> 
> Whilst the above should work, I have never tried it. You should be aware 
> that extending the AD schema is a one way action, you can never remove it.
> 
> If you do extend your schema, you do this at your own risk, do not blame 
> me if it goes wrong.
> 
> Rowland
> 
Wait, but
Wouldn't it make sense to take care of this through samba-tool? Like there's --rfc-2037, --rfc822 could be added
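
The LDIF preparation described in the quoted reply, as an added example that is not part of the thread and not Samba code: it unfolds wrapped LDIF lines, rewrites nisMailAlias entries under the ypServ30 aliases container, and separates attributeSchema entries from classSchema entries so they can go into two files. The function names and `TARGET` constant are hypothetical, and the output is meant to be reviewed before it is given to `ldbadd`.

```python
import re

# Target container from the thread (the DC=local base DN is the poster's).
TARGET = "CN=aliases,CN=mail,CN=ypServ30,CN=RpcServices,CN=System,DC=local"

def parse_ldif(text):
    """Return entries as lists of (attr, sep, value), unfolding continuation lines."""
    text = re.sub(r"\r?\n ", "", text)  # a line starting with one space continues the previous one
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        found = (re.match(r"([^:#][^:]*)(::?)\s*(.*)", l) for l in block.splitlines())
        entries.append([m.groups() for m in found if m])  # comment lines do not match
    return entries

def values(entry, attr):
    return [v for a, _, v in entry if a.lower() == attr.lower()]

def escape_rdn(value):
    """Backslash-escape the RFC 4514 special characters , + " \\ < > ; = in an RDN value."""
    return re.sub(r'([,+"\\<>;=])', r"\\\1", value)

def rewrite_alias(entry, container=TARGET):
    """Move a nisMailAlias entry under `container`, keeping its other attributes."""
    if "nismailalias" not in [v.lower() for v in values(entry, "objectClass")]:
        raise ValueError("not a nisMailAlias entry")
    new_dn = f"cn={escape_rdn(values(entry, 'cn')[0])},{container}"
    return [("dn", ":", new_dn)] + [t for t in entry if t[0].lower() != "dn"]

def split_schema(entries):
    """Separate attributeSchema entries from classSchema entries (one output file each)."""
    attrs = [e for e in entries if "attributeSchema" in values(e, "objectClass")]
    classes = [e for e in entries if "classSchema" in values(e, "objectClass")]
    return attrs, classes

def to_ldif(entries):
    return "\n\n".join("\n".join(f"{a}{s} {v}" for a, s, v in e) for e in entries) + "\n"

# Sample input: one alias entry from the thread, with its dn folded by hand.
SAMPLE = """dn: cn=abuse,ou=Aliases,
 DC=mydomail,DC=local
cn: abuse
objectClass: nisMailAlias
objectClass: top
rfc822MailMember: root
"""

if __name__ == "__main__":
    print(to_ldif([rewrite_alias(e) for e in parse_ldif(SAMPLE)]), end="")
```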