Hello Luca,
Am 27.08.2013 00:11, schrieb Luca Olivetti:
The problem is, how do I get the posix information into samba4? With
samba 3 I could manage users and groups with ldap account manager and
they got both samba and posix attributes.
I have a windows workstation at work. There I use ADUC. Everything I
need to administrate users/groups, etc. And if you delegate permissions
(https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO/AD_Delegation#Delegating_.27Add.2Fchange.2Fdelete_accounts.2Fgroups.27-permissions),
you don't have to work with an domain administrator account the whole day.
ADUC has for me some advantages:
- I can administrate all accounts in a nice clear GUI (I know that linux
admins shouldn't say that :-))
- I don't have to track the last UID/GID I give, because it's stored in
AD and ADUC automatically incements.
- I can delegate permissions down to attribute level to other
departments (like human resources for changing phone numbers, etc.)
- and some more
> Another nice thing is that I
could script the creation of home directory, mailbox, etc.
I though that samba 4 allowed me to do the same, but with windows
administrative client (ADUC?)
Maybe this can be a solution for you:
https://lists.samba.org/archive/samba/2013-July/174252.html
If you don't want to manage them in AD, you can use winbind or sssd. But
there you have other requirements (machine joined to domain, kerberos,
...).
I'd like to avoid winbind if at all possible
In Samba 4 you don't need to have the users local. You can completely
skip ldap/winbind/whatever. Permission changing can be done from windows
on directories/shares.
Only if you don't want to see only UIDs/GIDs on the filesystem or other
services require them, you need a way to get the users/groups mapped.
Regards,
Marc
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
