Paul Gienger wrote:
[...]

At a site, I already have a DIT with 1150+ users:

rootdn
     | ou=directors
                cn=director1
                cn=director2
     | ou=teachers
                cn=teacher1
                cn=teacher2
     | ou=staff
                cn=member1
                cn=member2
     | ou=pupils
                cn=pupil1
                cn=pupil2
     | ou=system
     | ou=pykota
     | ou=smb


Where are your groups here? I'm curious as to how this is laid out.

Each (Posix) group is in each ou container, sorry. The specific SMB groups (domadmins, domguests, domusers, computers etc.) are in the smb ou container. They have cn RDNs. The Samba tools (net, smbpasswd, pdbedit), as well as the method of specifying suffixes in smb.conf are clever enough to find whichever group I want, for example for mapping. I'm astounded that the tools are so flexible. Which is why I was so disappointed in the sambasam-tools ...


etc.

Even worse, at my test site I have:

rootdn
     | ou=groups
                | cn=people (Posix group)
                           cn=person1
                           cn=person2
     | ou=smb

etc.

The tools can't cope. What's more, LAM can't cope with my test site,
either (wants an ou for a container, won't accept a cn). Neither you nor
anyone else can tell me that my architecture is wrong ;)

... which is why I went on to redesign the DIT on my test rig, cutting out the ou container and using the primary Posix group as the leaf container: it's more logical and works just as well. Now the pupils have decided that they want to be divided up into subgroups by class or project: no sweat, Samba can cope with all of that.


Using GQ as primary tool to visualize this is a boon and GQ has the added advantage over other GUIs of drag'n drop.

Nope, I wouldn't go that far. Looks like you are doing things just fine, trying to keep things organized and whatnot. However, you are correct that the scripts can't cope. The scripts are in fact created with one ou type things in mind.

I've written my own awk script for adding basic Posix users to groups
(from lists of first-middle-last names) and my own (disjointed) shell
scripts for adding Samba users to Posix users (using ldapsearch).


I'm afraid then that you may have to do some more scripting, but at least you can start with the tools and modify to your heart's content.

Oh definitely ;) But my sites are very specific and I tend to stop when each script does what I want. They're all very disjointed. ldapsearch plays a major part in most of the shell scripts.


Thanks for taking an interest :)

--Tonni

--

mail: [EMAIL PROTECTED]
http://www.billy.demon.nl

They love us, don't they, They feed us, won't they ...