Andreas Hasenack i'rta:
> Em Dom 19 Mar 2006 02:58, Gémes Géza escreveu:
>
>>>> An example ldif:
>>>>
>>>> dn: uid=test,ou=users,dc=example,dc=net
>>>>
>>>> objectClass: person
>>>>
>>>> objectClass: organizationalPerson
>>>>
>>>> objectClass: inetOrgPerson
>>>>
>>>> objectClass: posixAccount
>>>>
>>>> objectClass: top
>>>>
>>>> objectClass: shadowAccount
>>>>
>>>> objectClass: sambaSamAccount
>>>>
>>>> objectClass: krb5Principal
>>>>
>>>> sn: Account
>>>>
>>>> userPassword: [EMAIL PROTECTED]
>>>>
>
> What is the user creation sequence you are using? First posixAccount and
> sambaSamAccount (for example, with smbldap-tools), then add the krb5Principal
> class and its attributes, set password to use {SASL} and then what? kadmin?
> kpasswd?
>
Usually dump an ldif to the ldap server with the premade (mkntpwd)
NTHash, and thats all.
The ldif is populated by a script which writes values like:
echo "dn: uid=$username,ou=users,dc=example,dc=net" >> the_created_ldif_file
...
echo "userPassword: [EMAIL PROTECTED]" >> the_created_ldif_file
...
and then ldapadd -Y GSSAPI -f the_created_ldif_file
then rm -f the_created_ldif_file
that's all
Regards
Geza
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
