fre, 20.05.2005 kl. 18.43 skrev Misty Stanley-Jones: > > So do I, awk/sed/shell. I use smbpasswd (amongst other Samba utilities) > > and I don't have your problem. Don't you know what smbpasswd is? Try > > 'man smbpasswd' ;) > > Yes, I know what it is. No, I did not use it. I use LDAP, and I did all of > my entries in LDAP directly, skipping the Samba layer. It may have been the > wrong way, but it is done and I have a fully running domain that has been > running for more than 6 months that way. I do not even use smbpasswd now, > but smbldap-tools.
To each his own poison ;) I can't use the idealx tools. > > smbpasswd will do what you want, if you already have posixGroup entries > > for users, groups and computers. > > Are you telling me that smbpasswd will change the RIDs for already-existing > Samba users? I did not know that. No. If you have added a new LDAP posixAccount with your favorite script (I write my own), OR after you have deleted the sambaSAMAccount objectClass from a combined posixAccount/sambaSAMAccount record, then by running 'smbpasswd -a' on that account you wil get a sambaSAMAccount entry that adds algorithmically calculated SIDs (with RIDs) for that machine or user, based on the uidNumber and gidNumber. These RIDS will be perfectly acceptable across your whole database, but ONLY IF you haven't gone and messed up the database by inserting your own RIDs on the basis of your own whims. If you have done the latter (as you have), then the smbpasswd method can't help you. > I get the feeling I have really frustrated you. Sorry. Not really. Background: in February last I had an 1150+ user LDAP posixAccount database (made using an awk script) for other things than Samba. It was completely differently structured than the idealx scripts would have done things. Then I had to migrate from an old NT4 PDC to Samba and decided to use my LDAP database as ldapsam backend. By running a simple shell ldapsearch/smbpasswd script on the database, I made all my posixAccount users into Samba users, with all RIDs calculated automatically, as documented in 'man smbpasswd'. Machines get added with a separate LDAP shell script and smbpasswd, but with correct RIDs. If I seem frustrated, it's only because the whole thing was so damned easy and it works so well, that I'd like for others to be able to understand how brilliant the Samba tools are for implementing custom solutions. Completely independently from any smbldap-tools solution. -Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They'll love us, won't they? They feed us, don't they? ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
