On 30/04/14 21:59, Roland Gruber wrote:
Hi Rowland,
On 30.04.2014 20:31, Rowland Penny wrote:
OK, I thought you might say that, so how do I raise a bug report on lam ?
Reason:
If you have a Samba 4 AD server (or a windows AD server) and only add
users & groups with ADUC, you will NEVER get the posixAccount or
posixGroup objectClasses, the only way to get these objectclasses is by
either the samba classicupgrade or with samba-tool, neither of which
really should happen because the posix objectClasses are auxiliaries of
other objectClasses (user, group).
can you provide more details what happens when managing accounts with
LAM and what you would expect? I did not yet understand the problem.
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos. Get
unparalleled scalability from the best Selenium testing platform available.
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Lam-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lam-public
OK, I do not have anywhere in AD any of the posix objectClasses, they
are not required and are not added by ADUC.
If I add a user with ADUC, it get this:
dn: CN=John Doe,CN=Users,DC=example,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: John Doe
sn: Doe
givenName: John
instanceType: 4
whenCreated: 20140430212228.0Z
displayName: John Doe
uSNCreated: 6943
name: John Doe
objectGUID: c1157681-6843-462e-9803-6ca1eac2ca6d
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 513
objectSid: S-1-5-21-2453573571-2648806188-836328162-1114
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: john
sAMAccountType: 805306368
userPrincipalName: [email protected]
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com
pwdLastSet: 130433665490000000
whenChanged: 20140430212230.0Z
userAccountControl: 512
uSNChanged: 6946
distinguishedName: CN=John Doe,CN=Users,DC=example,DC=com
If I then go to the users UNIX Attributes tab in ADUC and add the unix
attributes, I get these attributes added:
msSFU30NisDomain: example
uidNumber: 10004
loginShell: /bin/sh
unixHomeDirectory: /example/john
gidNumber: 10001
msSFU30Name: john
unixUserPassword: ABCD!efgh12345$67890
uid: john
As you can, there is no posixAccount objectClass added, this is because
it is an auxiliary of the user objectClass
I set up lam with these modules:
Windows (windowsUser)(*)
Unix (posixAccount)
Windows (windowsGroup)(*)
Unix (windowsPosixGroup)
Windows (windowsHost)(*)
logged in and tried to add a new user, I immediately got a message at
the top of the screen:
No Unix groups found in LDAP! Please create one first.
I have groups in AD that work as Unix groups, they just do not have the
posixGroup objectClass and NEVER will.
In my opinion, anything that relies on objectClasses that should not be
there, is relying on a bug.
Rowland
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos. Get
unparalleled scalability from the best Selenium testing platform available.
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Lam-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lam-public
