[Samba] How to add or modify msDS-PrincipalName Attribute
Rowland Penny
rpenny at samba.org
Fri Aug 13 18:24:27 UTC 2021
On Fri, 2021-08-13 at 13:07 -0400, James Atwell via samba wrote:
> On 8/12/2021 3:43 PM, Rowland Penny via samba wrote:
> > On Thu, 2021-08-12 at 15:29 -0400, James Atwell via samba wrote:
> > > Rowland,
> > >
> > > Thanks for the reply and link. I'm not familiar with
> > > working
> > > with
> > > ldb modules. Can you point me in the direction to learn how?
> > > Thank
> > > you.
> > >
> > > -James
> > To put it bluntly, no :-)
> > To me 'C' comes between 'B' and 'D' :-D
> >
> > Perhaps Andrew can help here, or Scott Jordahl, the original
> > poster, I
> > presume he got it working.
> >
> > Rowland
> >
> >
> Appreciate the bluntness. I may be looking at my issue the wrong
> way.
> I'm not familiar with constructed attributes but they appear to not
> exist in AD but rather get created on the fly when queried. This
> would
> explain why they don't exists when I look for them. As a simple test
> can
> I query for msDS-PrinciaplName using sambat-tool or another software?
> I
> only see I can do this using Powershell but it relies on webservcies
> and
> Samba doesn't support it.
There are quite a few 'constructed' attributes and they do not exist in
AD, they are constructed on the fly, but for this you need code. Samba
does not seem to have this code readily available for the msDS-
PrincipalName attribute. From my limited understanding, the code needs
to construct the attribute as shown here:
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/69474c61-a302-4dd2-bc8c-4fac6ccd1eee
Rowland
More information about the samba
mailing list