Hi, my organization uses samba3 with an LDAP backend, several non-samba
attributes are stored in LDAP to manage different services (webmail, web
service); LDAP also stores many extra-domain users in a different directory.
I would like to migrate to samba4 AD-DC but I need to keep extra-domain
users and non-samba attributes.
I would like to keep all users in LDAP and sync their passwords from
samba with "passwd program" but samba4 ignores these directives.
This is my system
Linux anubi.ausl.fe.it 2.6.32-358.6.1.el6.i686 #1 SMP Tue Apr 23
18:13:20 UTC 2013 i686 i686 i386 GNU/Linux
My samba version (rpm from SOGo Repository but I also tested compiling
from 4.0.5 sources)
Version 4.0.1-4.centos6.1
My smb.conf
# Global parameters
[global]
workgroup = AUSLFE
realm = ausl.fe.it
netbios name = ANUBI
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
dns forwarder = 192.168.1.1
unix password sync = yes
passwd program = /root/mypasswd.sh %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n
template shell = /bin/bash
I probably forgot some step...
Regards
Michael
Hello Michael,

On 05.05.2013 13:08, Dr Michael Cinti wrote:
> Hi, my organization uses samba3 with an LDAP backend, several non-samba
> attributes are stored in LDAP to manage different services (webmail, web
> service); LDAP also stores many extra-domain users in a different
> directory.
> I would like to migrate to samba4 AD-DC but I need to keep extra-domain
> users and non-samba attributes.
> I would like to keep all users in LDAP and sync their passwords from
> samba with "passwd program" but samba4 ignores these directives.

Why not transfer the additional attributes to the migrated AD and have
only one LDAP (AD)? Just write a small script that runs through all
accounts in your new AD, searches for the user in your openLDAP,
retrieves the required attributes and writes them with ldapmodify to AD.

I did that when we switched to AD for about 150 accounts. And now I can
change everything in one place with ADUC.

Regards
Marc
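
A sketch of the kind of script described in the reply above, added here as an example and not taken from either poster: it matches AD accounts to OpenLDAP entries and writes ldapmodify input for an allow-list of attributes, base64-encoding any value that is not LDIF-safe so a stored value cannot introduce extra LDIF lines. Assumptions: both inputs are unwrapped ldapsearch LDIF, OpenLDAP `uid` corresponds to AD `sAMAccountName`, the attributes `mail` and `description` stand in for your own and exist in the AD schema, and all sample data is constructed.

```python
import base64

# Assumption: attributes to carry over. Password hashes are deliberately not listed.
COPY_ATTRS = ("mail", "description")

def parse_ldif(text):
    """Parse unfolded ldapsearch LDIF into a list of {attr (lowercased): [values]}."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if not line or line.startswith("#"):
                continue
            name, _, rest = line.partition(":")
            b64 = rest.startswith(":")  # "attr:: <base64>" form
            value = base64.b64decode(rest[1:]).decode("utf-8") if b64 else rest.strip()
            entry.setdefault(name.lower(), []).append(value)
        entries.append(entry)
    return entries

def ldif_line(attr, value):
    """Emit 'attr: value', or base64 when the value is not an LDIF SAFE-STRING."""
    safe = (value != "" and value[0] not in " :<" and not value.endswith(" ")
            and all(0x20 <= ord(c) < 0x7f for c in value))
    b64 = base64.b64encode(value.encode("utf-8")).decode("ascii")
    return f"{attr}: {value}" if safe else f"{attr}:: {b64}"

def build_changes(ad_ldif, openldap_ldif):
    """Return ldapmodify input that copies COPY_ATTRS onto AD accounts matched by uid."""
    by_uid = {e["uid"][0].lower(): e for e in parse_ldif(openldap_ldif) if "uid" in e}
    out = []
    for acct in parse_ldif(ad_ldif):
        src = by_uid.get(acct.get("samaccountname", [""])[0].lower(), {})
        mods = []
        for attr in (a for a in COPY_ATTRS if a in src):
            mods += [f"replace: {attr}"] + [ldif_line(attr, v) for v in src[attr]] + ["-"]
        if mods:
            out.append("\n".join([ldif_line("dn", acct["dn"][0]), "changetype: modify"] + mods))
    return "\n\n".join(out) + "\n"

# Constructed sample data standing in for ldapsearch output from each directory.
MULTILINE = base64.b64encode("Ward 3\nsecond line".encode()).decode()
AD_SAMPLE = ("dn: CN=Anna Rossi,CN=Users,DC=example,DC=test\nsAMAccountName: arossi\n\n"
             "dn: CN=Luca Bianchi,CN=Users,DC=example,DC=test\nsAMAccountName: lbianchi\n")
OPENLDAP_SAMPLE = ("dn: uid=arossi,ou=people,dc=example,dc=test\nuid: arossi\n"
                   "mail: arossi@example.test\ndescription:: " + MULTILINE + "\n"
                   "userPassword: {SSHA}constructed\n\n"
                   "dn: uid=ext1,ou=external,dc=example,dc=test\nuid: ext1\nmail: ext1@example.test\n")
if __name__ == "__main__":
    print(build_changes(AD_SAMPLE, OPENLDAP_SAMPLE), end="")
```

Review the generated LDIF before passing it to ldapmodify against the AD; accounts that exist in only one of the two directories produce no change record.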