samba - Nov 2007 - Subject: Query a Windows 2003 AD server for specific

Hello 

-------------
Message-ID:
	
<5E69B1F6F1F27444B036F1DFC9799ECB0F66CF@iccserver.iccpartners.local>
Content-Type: text/plain;	charset="iso-8859-1"

The Question:  What command do I use to query a Windows 2003 AD server
to return the Organizational Unit of a specific users? Also, what would
be the command that would return the "Home Directory" path as
specified
in the Account Properties of the Windows 2003 account?

The Environment: Windows 2003 Domain with 10000 plus users
8000 Windows 2k/XP workstations
1100 Terminal Clients connecting to SuSE Linux Enterprise Server 10
Authentication between Linux and Windows using Samba Version
3.0.24-2.28-1354-SUSE-CODE10
Winbind Version 3.0.24-2.28-1354-SUSE-CODE10

All users have a "home directory"  located on a Windows server.  The
path is set in their AD account and  mapped to H: When they login to a
XP or 2000 workstation.  This is setup in a school district.  Users can
be either logged into windows or into Linux.   

The path to the home directory is ODD at best.  I didn't set it up, nor
can I change it.

For teachers they are mapped to \\server\teachers\"username"
For students it is a little more complicated.  Each school has it own
OU.  Therefor, the Windows admins created a path that is similar to this
\\server\"OUname"\"username"  The problem is there are 10000
students
divided between 30 OUs.

Thanks in advance.
-------------------


You need to get dsquery and dsget , should be part of the "bonus pack"
of Win2003 Server, then you can create queries like following

dsquery user -samid $uid|dsget user -hmdir  and you get that:
$uid stands for accountname

 \\$server\userdirs$\$username
 

Or dsquery user -name $user_name*|dsget user -hmdir   and you will see
that output
$user_name stands for the real name



\\$server\userdirs$\$username

It's a really powerfull command combination

If you want(must)  run that from UNIX you need ldapsearch 

BR  Martin  Schreiber







BR  Martin Schreiber

On Wed, 28 Nov 2007 16:57:31 +0100
"Schreiber, Martin" <martin.a.schreiber@siemens.com> wrote:
> The Question:  What command do I use to query a Windows 2003 AD server
> to return the Organizational Unit of a specific users? 
# net ads search 'objectCategory=organizationalunit' name -U user%pass
lists each OU, not sure how you get users within each though.
> Also, what would
> be the command that would return the "Home Directory" path as
specified
> in the Account Properties of the Windows 2003 account?
# net ads search '(objectCategory=user)' name sAMAccountName
HomeDirectory -U user%pass

Cheers, Dave