[Samba] Maintaining Unix Attributes in AD using ADUC?

Matthias Leopold matthias.leopold at meduniwien.ac.at
Fri Apr 2 16:15:46 UTC 2021

Am 02.04.21 um 14:24 schrieb Rowland penny via samba:
> On 02/04/2021 12:17, Matthias Leopold wrote:
>> I understood that Windows 10 doesn't have the "Unix attributes" tab, 
>> this is why I looked at the "Attribute editor" tab. There I see that 
>> UID/GID aren't assigned automatically (although the attribute is 
>> there). So this is the intended behaviour?
> That will not work, you need the framework that Samba AD provides and 
> the Unix Attributes tabs (which win10 no longer has) to get RFC2307 
> attributes added automatically.

OK, I understand, only ADUC pre Win10/WinServer2016 will add RFC2307 
attributes automatically.

>> Unfortunately manually setting these attributes (by whatever means) 
>> for new users (I could do it for existing users) is not an option for me.
> Can I introduce you to the concept of using the command line to create 
> users and groups, you can use scripts around samba-tool or ADMan or 
> various other methods that are available, it is usually faster than 
> using Windows.

I'm aware of CLI methods, but I want users to be able to add and 
maintain groups which can reasonably be done only with ADUC. But I 
adapted (my rather freaky) LDAP migration scenario so new groups created 
in AD don't need a GID (because they will only be used in idmap rid 

thanks for advice

More information about the samba mailing list