Look into ldap; if you are a busy admin as you say you are - then why
re-invent the wheel? There are numerous LDAP account management systems, and
bearing in mind that you're using linux somewhere at the desktop level - you
can use LDAP for BOTH samba and UNIX accounts. As far as locking/unlocking
an account goes, simply enable/disable it via LDAP, simple ldapmodify
command from the shell and you're good to go - or even better, use PERL and
make yourself a simple web-interface if you'd prefer.
In my humble experience, LDAP is definetly the way to go. We've got a single
LDAP repository of all users, domains, machine accounts, idmaps, etc. This
repository is then made redundant by slave ldap servers which also enables
load-sharing, and fail-safe systems. It's eay to work with, works across
almost any platform: we have Sun Solaris/Sparc Workstations, FreeBSD servers
& workstations on the UNIX side using nss_ldap and pam_ldap, as well as
numerous windows accounts in a domain environment serviced by the FreeBSD
servers running OpenLDAP and Samba. We're using LAM (LDAP Account Manager);
a free(ly) available PHP-based LDAP Account Management GUI - which allows us
to administer users, accounts, and machine accounts from anywhere on the
network via a web browser.
If time, conveinience, and ease-of-use are you biggest administrative
hurdles - then LDAP is what you're missing.
--
Nathan Vidican
nvidican@wmptl.com
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
-----Original Message-----
From: samba-bounces+nvidican=wmptl.com@lists.samba.org
[mailto:samba-bounces+nvidican=wmptl.com@lists.samba.org] On Behalf Of
Christopher Welsh
Sent: Monday, July 04, 2005 9:45 AM
To: samba@lists.samba.org
Subject: [Samba] Lock accounts with SAMBA
Hi,
I'm a busy sysadmin locking and unlocking user accounts. I'd like to be
able to do it from my linux -kerberos enabled samba workstation.
I can easily use net commands to see if a user's account is locked in
the ADS. How do I actually lock it from within samba.
I've written a user management system at the school that does lots of
things, I'd like it to be able to do this using Linux.
So any advice, would be great fully appreciated.
Chris