-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Thanks Steve!
This is exactly what I'm looking for. As for my plan on pulling in the user base? I'm not sure yet... I'm thinking of re-creating the Windows users via samba-tool, now that I have a better grip on how the posix entries work, maybe I'll try using ldapmodify to add the posix stuff. I'll keep the list informed as I progress. Thanks Again to all that work on this project, and all that help the lowly users... Stu On 04/13/2013 09:28 AM, steve wrote: > On 13/04/13 18:06, Stuart Sheldon wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> Thanks for the response Andrew, >> >> Using ad for my idmap sounds like what I'm looking for. I'm having >> problems finding how I add the map ids to the AD manually for new users. >> Could you direct me to some information regarding cli tools to do that? >> >> Thanks Again, >> >> Stu > Hi > If you want to do it manually e.g. to add a domain user called steve2: > > samba-tool user add steve2 > (enter the passwords) > > then edit the record: > ldbedit --url=/usr/local/samba/private/sam.ldb cn=steve2 > > You can use any editor: > > ldbedit -e gedit --url=/usr/local/samba/private/sam.ldb cn=steve2 > > Here is a fully loaded domain user with the rfc2307 objects and > attributes added you need to forget about idmap altogether:) With this > lot, he's good for both Linux and windows clients. > > # editing 1 records > # record 1 > dn: CN=steve2,CN=Users,DC=hh3,DC=site > cn: steve2 > instanceType: 4 > whenCreated: 20130412075527.0Z > uSNCreated: 3737 > name: steve2 > objectGUID: 1fb4f5fe-11db-47da-a3d7-962717a81881 > badPwdCount: 0 > codePage: 0 > countryCode: 0 > badPasswordTime: 0 > lastLogoff: 0 > lastLogon: 0 > primaryGroupID: 513 > objectSid: S-1-5-21-1555648365-2472922434-3126067274-1106 > logonCount: 0 > sAMAccountName: steve2 > sAMAccountType: 805306368 > userPrincipalName: [email protected] is a fully loaded domain user > with thfor both Linux and windows clients. You can any editor:e rfc2307 > objects and idmap attributes added. With this lot, he's good for both > Linux and windows clients. > objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=hh3,DC=site > pwdLastSet: 130102269270000000 > userAccountControl: 66048 > accountExpires: 0 > uidNumber: 3000034 > gidNumber: 20513 > unixHomeDirectory: /home/users/steve2 > loginShell: /bin/bash > objectClass: top > objectClass: posixAccount > objectClass: person > objectClass: organizationalPerson > objectClass: user > profilePath: \\hh16\profiles\steve2 > homeDrive: Z: > homeDirectory: \\hh16\users\steve2 > whenChanged: 20130412075530.0Z > uSNChanged: 3743 > distinguishedName: CN=steve2,CN=Users,DC=hh3,DC=site > > Note: you'll soon get bored adding all the extra stuff but it's easy to > write a script to automate it. > > You need to tell Samba to use AD in the [global] section of smb.conf: > idmap_ldb:use rfc2307 = Yes > > As a matter of interest, how do you plan on pulling the id info from the > database? > hth > Steve > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRaZVEAAoJEFKVLITDJSGSvpwP/jiBs8fpb65QHv4Msy3q+xI6 /var0IuHL3O/kWCknJJRNb66G71xWJGWs2QHTY+gI9eKc1c3XxGcQHu9nxbDA//Z 3W0bXx4fmmIBOXZgHcjA5wCffakkn9gWjnoH660ZasPYVtv9v8w7ArcmHoMmk1Lc Hl8bH3ZIIhvNF85lcQuN7/CG5bA/Ha4HRTAzgib3kVgsu1iuvUg/uS03kY/NdsuB 2wsnMoA/qbseh5jEqKrwdiFW+3Oc+4bp3sLA3tCAFcGHAu0X4G3q+dV5V8JEgZy6 La1XL4dU0fOTJbSiHGNOrZN7x+4JsZ98f/uAUdjyxgZIYlEBwL9KuVuoKdLn8wu0 xZMVO25lsjO7jxC1AIz2Ojwh91NjDV+bZiBCfyHPXJ0iWrlfaWBJXot+rhCuUsTb xa/iUq/+T64FWdRXtkUQyv4JLmduRqWivAVQuNW3tXcilrliLLQ8YxtXxkrOZNu7 hSlnK2yIabSCtGjV81VxzUc2SC4y4AtdmbinC8mUM7MJ0WtE648ACQXGyeLjAhw+ w+BZnIvj5TtxT5J+QfcJW7JySUyo9gfNQ9gucUQpPpJKIz9qaRd2MX/wcPitS1Y3 ZrI4VtiZEXaO54Jicpqf2mMVDMvC6mk7w+dU0nELW/6tyHoA4zcfNYK3lURDHF7G Pzart45F4KaMmjvM5iMY =4Vau -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
