Hi Geza, hi everyone
I had a go at the script:
s4user <cn> <uid> <gid> <windows-group>
where <windows-group> is a posixGroup'ified group from samba-tool group add.
cat s4user
#!/bin/sh
# Usage: s4user <cn> <uid> <gid> <windows-group>
echo "Creating s4 posix user $1"
echo "Pls enter pwd for $1"
# samba-tool prompts for the new user's password
samba-tool user add "$1"
# Write the rfc2307 attributes to a temporary LDIF file named after the user
echo "dn: cn=$1,cn=Users,dc=hh3,dc=site
changetype: modify
add: objectclass
objectclass: posixaccount
-
add: uidnumber
uidnumber: $2
-
add: gidnumber
gidnumber: $3
-
add: unixhomedirectory
unixhomedirectory: /home/CACTUS/$1
-
add: loginshell
loginshell: /bin/bash" > "$1"
#ldbmodify -f /some/temporary-file ###can't get the syntax!###
# Apply the LDIF over GSSAPI (needs a valid Kerberos ticket)
ldapmodify -h 192.168.1.3 -D cn=Administrator,cn=Users,dc=hh3,dc=site -f "$1" -Y GSSAPI
samba-tool group addmembers "$4" "$1"
# Create the home directory and hand it to the new user
mkdir "/home/CACTUS/$1"
chown "$1:$4" "/home/CACTUS/$1"
rm "$1"
echo "$1 rfc2307-ified"
and:
./s4user steve6 3000030 2000 suseusers
Creating s4 posix user steve6
Pls enter pwd for steve6
New Password:
User 'steve6' created successfully
SASL/GSSAPI authentication started
SASL username: [email protected]
SASL SSF: 56
SASL data security layer installed.
modifying entry "cn=steve6,cn=Users,dc=hh3,dc=site"
Added members to group suseusers
steve6 rfc2307-ified
hh3:/home/steve # exit
exit
steve@hh3:~> su steve6
Password:
Warning: Your password will expire in 41 days on Tue 20 Mar 2012 14:52:02 CET
steve6@hh3:/home/steve> cd ../CACTUS/steve6
steve6@hh3:~> touch hola
steve6@hh3:~> ls -la
total 12
drwxr-xr-x 2 steve6 suseusers 4096 Feb 7 14:53 .
drwxr-xr-x 10 root root 4096 Feb 7 14:52 ..
-rw-r--r-- 1 steve6 suseusers 0 Feb 7 14:53 hola
-rw------- 1 steve6 suseusers 48 Feb 7 14:52 .xauthoa0jlX
steve6@hh3:~>
Yeah!
I need to tidy the script up a bit and particularly look for the nslcd
pid before continuing.
As usual, a few qns. Sorry.
1. As this ignores winbind, is there any need to use winbind-like uids?
2. I can't get the syntax for ldbmodify :(
3. Is there a cheap way to get the next available uid from ldap? I
thought of sticking a base id in a file and incrementing it each time
s4user was called. Then pulling it back from the file when the script
was called for the next user.
Cheers,
Steve
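
The counter-file idea from question 3, as an added example that is not part of the original post: a lock makes sure two concurrent runs of s4user never hand out the same uid. COUNTER_FILE, BASE_UID and next_uid are assumed names, and the default path and base value are constructed.

```shell
#!/bin/sh
# Added example: hand out uidNumbers from a counter file, one per call.
# COUNTER_FILE, BASE_UID and next_uid are hypothetical names; the directory
# holding COUNTER_FILE is assumed to exist and be writable only by root.
COUNTER_FILE="${COUNTER_FILE:-/var/lib/s4user/next_uid}"
BASE_UID="${BASE_UID:-3000000}"   # constructed value, used when no counter exists

next_uid() {
    lock="$COUNTER_FILE.lock"
    tries=0
    # mkdir is atomic, so only one concurrent caller gets past this loop.
    # A lock left behind by a killed run has to be removed by hand.
    until mkdir "$lock" 2>/dev/null; do
        tries=$((tries + 1))
        if [ "$tries" -ge 10 ]; then
            echo "next_uid: cannot lock $COUNTER_FILE" >&2
            return 1
        fi
        sleep 1
    done

    uid=$BASE_UID
    if [ -f "$COUNTER_FILE" ]; then
        uid=$(cat "$COUNTER_FILE")
    fi
    # Accept only a plain decimal number without a leading zero.
    case "$uid" in
        ''|*[!0-9]*|0?*)
            rmdir "$lock"
            echo "next_uid: bad value in $COUNTER_FILE" >&2
            return 1 ;;
    esac

    # Store the successor through a rename so a crash cannot truncate the counter.
    tmp="$COUNTER_FILE.tmp.$$"
    if echo $((uid + 1)) > "$tmp" && mv "$tmp" "$COUNTER_FILE"; then
        rmdir "$lock"
        echo "$uid"
    else
        rm -f "$tmp"
        rmdir "$lock"
        return 1
    fi
}
```

The counter only knows about uids it handed out itself, so BASE_UID has to start above any uidnumber already present in the directory.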