samba - Apr 2005 - givenname and email address with smbldap-tools

Hi all,

I have setup samba / openldap as describes by the idealx howto and as 
such I am using the smbldap-tools. However, I would like to add the 
givenname and email address fields for all users. What is the best way 
to do this? I would prefer continuing to use the smbldap-tools, but I 
cannot seem to find a good way to do this. When I try to: $ 
smbldap-usermod -M testuser@testdomain.net testuser
I get: failed to modify entry: mailLocalAddress: attribute type 
undefined at /usr/local/sbin/smbldap-usermod line 470, <DATA> line 283.
And what fields are normally used for the full name within this 
smbldap-tools scope? How do people cope with additional/custom field 
that are not supported by the smbldap-tools?

Thanks for any hints!

Jonathan

Jonathan Salomon schrieb:
> Hi all,
>
> I have setup samba / openldap as describes by the idealx howto and as 
> such I am using the smbldap-tools. However, I would like to add the 
> givenname and email address fields for all users. What is the best way 
> to do this? I would prefer continuing to use the smbldap-tools, but I 
> cannot seem to find a good way to do this. When I try to: $ 
> smbldap-usermod -M testuser@testdomain.net testuser
> I get: failed to modify entry: mailLocalAddress: attribute type 
> undefined at /usr/local/sbin/smbldap-usermod line 470, <DATA> line
283.
> And what fields are normally used for the full name within this 
> smbldap-tools scope? How do people cope with additional/custom field 
> that are not supported by the smbldap-tools?
>
> Thanks for any hints!
>
> Jonathan
Hi,
youre right i found this too.
The problem is that you have include the misc schema in ldap.
As i tested the script to include the mail options at useradd time this 
failed too.
It seems the attribute wasnt published at populate time, so the samba 
profile wasnt published not ,too ( invoking by usrmgr)


I managed it with a small per script to add mail attributes at useradd 
create time
like this i.e

pico /etc/samba/smbuseradd.pl
---------------------------------------------------------------------------
#!/usr/bin/perl -w
#this script is a small hack to produce a number of ldap values in help
#with the nice IDEALX scripts.
$first=shift(@ARGV);
$execstring1="/opt/IDEALX/sbin/smbldap-useradd -m -P $first";
system($execstring1);


#$ppath="\'\\\\PDC\\profiles\\";
#$execstring2="/opt/IDEALX/sbin/smbldap-usermod -F $ppath$first\'
$first";
#system($execstring2);
#this should the trick to include the smbprofile path without declaring 
it in smb.conf but i doesnt work dont know why

#this makes mail entries for the user at create time
$mail="$first\@robo.intern";
$execstring3="/opt/IDEALX/sbin/smbldap-usermod -M $mail $first";
system($execstring3);
------------------------------------------------------------------------------
to press samba manage the smbprofile  problem
i used
logon path = \\%L\profiles\%U
   logon drive = Z:
   logon home = \\%L\%U
   logon script = default.bat

to have defaults  in usmgr

which wasnt my wish cause if  like to use
a bdc with homes/profile the smbprofile parameter should really be in 
ldap to modify it simply when a user profile moves to i.e to another office
it seems the profile data in usrmgr must be added for every user by 
adminmodify to have the profile path in ldap which
may more be a feature than a bug, but this was total different to 
previos releases of the tools.

the smbconf relevant parameters are

passdb backend = ldapsam:"ldap://127.0.0.1/"
   ldap admin dn = cn=Manager,dc=gundk,dc=intern
   ldap suffix = dc=gundk,dc=intern
   ldap group suffix = ou=Groups
   ldap user suffix = ou=Users
   ldap machine suffix = ou=Computers
   ldap ssl = no
   ldap delete dn = Yes
# add user script = /opt/IDEALX/sbin/smbldap-useradd -m -P "%u"
add user script = /etc/samba/smbuseradd.pl  "%u"
   delete user script = /opt/IDEALX/sbin/smbldap-userdel -r "%u"; rm
-r
/var/lib/samba/profiles/"%u"; rm -r /home/"%u"
   add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u"
   add group script = /opt/IDEALX/sbin/smbldap-groupadd "%g"
   delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
   add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m
"%u" "%g"
   delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x 
"%u" "%g"
   set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g"
"%u"
   ldap passwd sync = Yes

as you see /opt/IDEALX/sbin/smbldap-userdel -r "%u" stopped working
for
me too, for deleting the home dir recursive so i had to add rm -r
/home/"%u"

I wonder nobody other has found this behavior too i used

SMBLDAP-TOOLS-0.8.7

to make this clear all idealx scripts worked for me at command line use
as far i studied the idealx faqs the descibed stuff should not happend, 
but the faqs may outdated, per haps someone knows more
i used samba 3.13 / suse 9.2 -64 / win xp srv pack2  prof german

Best Regards

ons, 06.04.2005 kl. 10.45 skrev Jonathan Salomon:
> I have setup samba / openldap as describes by the idealx howto and as 
> such I am using the smbldap-tools. However, I would like to add the 
> givenname and email address fields for all users. What is the best way 
> to do this? I would prefer continuing to use the smbldap-tools, but I 
> cannot seem to find a good way to do this. When I try to: $ 
> smbldap-usermod -M testuser@testdomain.net testuser
> I get: failed to modify entry: mailLocalAddress: attribute type 
> undefined at /usr/local/sbin/smbldap-usermod line 470, <DATA> line
283.
> And what fields are normally used for the full name within this 
> smbldap-tools scope? How do people cope with additional/custom field 
> that are not supported by the smbldap-tools?
You should modify slapd.conf (if you're using OpenLDAP) to include
misc.schema in addition to whatever schemas you're already including. If
it's not OpenLDAP, you should include the appropriate configuration file
for the relevant DSA. You can see which schemas have which objectClasses
and attributes simply by grepping in the schema directory.

--Tonni

-- 
Nothing sucksseeds like a pigeon without a beak ...

mail: tonye@billy.demon.nl
http://www.billy.demon.nl
 
They love us, don't they, They feed us, won't they ...

Jonathan Salomon schrieb:
> Hi Robert,
>
>> youre right i found this too.
>> The problem is that you have include the misc schema in ldap.
>> As i tested the script to include the mail options at useradd time 
>> this failed too.
>> It seems the attribute wasnt published at populate time, so the samba 
>> profile wasnt published not ,too ( invoking by usrmgr)
>>
>>
>> I managed it with a small per script to add mail attributes at 
>> useradd create time
>> like this i.e
>>  
>>
> Thanks for your extensive answer, but I don't really see how you add 
> the mail attribute after adding the misc.schema. If I do the 
> smbldap-usermod -M command then I get: failed to modify entry: 
> attribute 'mail' not allowed at /usr/local/sbin/smbldap-usermod
line
> 469, <DATA> line 283.
>
> Thanks,
> Jonathan
Hi,
this may be perl related, there are some advice at idealx faqs about perl
Regards