I am also struggling to find up to date information on using Samba 4 with linux clients. I have managed to get the RFC 2307 fields by installing the 'NIS tools' feature on a W2k8 DC, and creating a 'NIS domain'. Previously I could see the fields, but could not select a NIS domain in the ADUC tool to make the RFC 2307 fields enabled.
I'm also trying to find out the correct way to add the autohome nis map. I have tried: ldbmodify -H /usr/local/samba/private/sam.ldb automount_template.ldif --option="dsdb:schema update allowed"=true But this seemed to fail. I have thought I might need to use the Microsoft schema management tool to add the automount schema. On Sat, Nov 24, 2012 at 4:01 PM, Gémes Géza <[email protected]> wrote: > Hi, > > Hello Steve, >> >> The only way I have found to enable those options is to provision with >> "--use-rfc2307". We are performing an upgrade from Samba3 and I noticed >> that the options were not grayed out after performing a classicupgrade, >> but >> were grayed out after a "clean" provision. I finally figured out that the >> classicupgrade always uses the "--use-rfc2307" flag. This flag will add >> the >> option "idmap_ldb:use rfc2307 = yes" to your smb.conf, however, it has >> been >> my experience that adding that to smb.conf post-provision does not enable >> the UNIX Attributes options, so the provision option must do something >> else. I would like to know if there is a way to enable this after the >> fact, >> but I've not come up with anything yet. I need to complete further testing >> on the actual authentication of Linux clients, Apache, RADIUS and OpenVPN, >> but have run into a show-stopper with DNS replication and have moved all >> my >> efforts to this for the time being. I was able to get Linux clients >> authenticating via winbind, but this was before I found out about the >> "--use-rfc2307" option and winbind was using auto-generated UIDs and GIDs. >> Any notes you come up with would be greatly appreciated. Thanks, Thomas. >> >> Provisioning with --use-rfc2307 also loads the "NIS" schema into AD and > thus allows you to set that attributes via ADUC. > To do the same after provision you would need to import the schema after > provision. The skeleton of it is in /usr/local/samba/share/setup/** > ypServ30.ldif > on a default install. > > Regards > > Geza Gemes > > On Fri, Nov 23, 2012 at 10:38 AM, Steve van Maanen <[email protected] >> >wrote: >> >> Hello everyone, >>> >>> I am trying to figure out a way to migrate NIS maps to SAMBA4 (I want to >>> replace NIS with SAMAB4 for a Linux domain. I have researched a fair bit >>> on >>> the web but have not found out any solutions and was hoping I could find >>> some help here. What I have found so far pertains to Windows >>> implementations of Active Directory. >>> >>> Here are my questions. >>> >>> 1) Is it possible with a default install of SAMBA4 or do I need to extend >>> the schema? >>> 2) I notice there is a Unix attributes tab for users, when using Active >>> Directory users and groups to administer the Samba4 AD, but I am unable >>> to >>> change the properties. Is there any way I can enable this? >>> 3) Has anyone done this and if so, can you offer me some pointers? >>> >>> Many thanks! >>> >>> Steve >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: >>> https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba> >>> >>> > -- > To unsubscribe from this list go to the following URL and read the > instructions: > https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
