[Samba] userou= question

Rowland penny rpenny at samba.org
Sun Oct 11 13:24:55 UTC 2020 

On 11/10/2020 13:59, Robert Wooden wrote:
> Yes, thank you for the guidance.
>
> Regarding "/You do not put the users password here (if that is what 
> you are trying to do): --password=PASSWORD1/"
>
> My experience has been this, no matter where I put "--password=" in 
> the string, after the "user" as the manpage suggests or the end. When 
> I run the create string I am asked for a "New Password:' and then 
> "Retype Password:". Which is fine by me, I want a different password 
> for the test users anyway. Hence, in  testing I just left the 
> --password at the end of the string because it did not seem to matter, 
> Samba still asked to enter New and Retype New.

Lets say you want to create a user called fred, with the password 
'fredspassword', you would do this:

samba-tool user create fred fredspassword

The '--password=' is for authentication when creating the user, not the 
users passwords.

>
> Regarding "/--home-drive=M: (note the ':' at the end)/" thanks, it 
> makes sense to add the colon. But, I will comment that on the W10 side 
> the "M" by itself is working fine.
Without the ':', it has never worked for myself.
>
> Finally regarding the userou=. At this point I have a very simple, 
> _almost default_ ou structure. I have added only a "CompanyName OU" 
> and two (2) subOU's of the "CompanyName OU", they are 
> "DmnMmbrs-folder-redirection" and "DmnMmbrUsers". Only 
> "DmnMmbrs-folder-redirection" have any GPO's applied to it.
>
> I have tried the same order of OU's you suggest (yes, with the single 
> quotation marks and no spaces in the OU's) and as well have reversed 
> the order of the OU's. Both sequences failed, as my previous email 
> indicated. So, yes, as I read the manpage and it should work in the 
> manner you suggest but, it does not.
>
OK, I did this:

samba-tool ou create 'OU=CompanyName'

and got this:

Created ou "OU=CompanyName,DC=samdom,DC=example,DC=com"

Then I did this:

samba-tool ou create 'OU=DmnMmbrs-folder-redirection,OU=CompanyName'

which lead to this:

Created ou 
"OU=DmnMmbrs-folder-redirection,OU=CompanyName,DC=samdom,DC=example,DC=com"

I then did this:

samba-tool user create robert P4ssw0rd* --given-name=Robert 
--surname=Wooden --userou='OU=DmnMmbrs-folder-redirection,OU=CompanyName'

and got this:

User 'robert' created successfully

With this in AD:

dn: CN=Robert 
Wooden,OU=DmnMmbrs-folder-redirection,OU=CompanyName,DC=samdom,DC=example,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Robert Wooden
sn: Wooden
givenName: Robert
instanceType: 4
whenCreated: 20201011131747.0Z
whenChanged: 20201011131747.0Z
displayName: Robert Wooden
uSNCreated: 1497670
name: Robert Wooden
objectGUID: e0ffd79f-786c-4e02-8cfd-90db74101f89
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 513
objectSid: S-1-5-21-1768301897-3342589593-1064908849-5198
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: robert
sAMAccountType: 805306368
userPrincipalName: robert at samdom.example.com
objectCategory: 
CN=Person,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
pwdLastSet: 132468958672325130
userAccountControl: 512
uSNChanged: 1497672
distinguishedName: CN=Robert 
Wooden,OU=DmnMmbrs-folder-redirection,OU=CompanyName,DC=samdom,DC=example,DC=com

So, what are you doing differently ?

Rowland

More information about the samba mailing list