Marco Gaiarin
2017-Nov-29 15:20 UTC
[Samba] LDAP query and result: better field for username?
Currently for my user:
root at vdmsv1:/etc/exim4# ldbsearch -H ldap://vdcsv1 -P -b
DC=ad,DC=fvg,DC=lnf,DC=it "(cn=gaio)" | grep ": gaio$"
cn: gaio
name: gaio
sAMAccountName: gaio
uid: gaio
msSFU30Name: gaio
what field is betetr to use for querying for user 'gaio'?
'uid' no (because RFC2307 data can be missing), so?
'sAMAccountName'? or 'cn'?
Thanks.
PS: clearly the same for groups:
root at vdmsv1:/etc/exim4# ldbsearch -H ldap://vdcsv1 -P -b
DC=ad,DC=fvg,DC=lnf,DC=it "(cn=unixadm)" | grep ": unixadm$"
cn: unixadm
name: unixadm
sAMAccountName: unixadm
msSFU30Name: unixadm
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia''
http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
Rowland Penny
2017-Nov-29 15:44 UTC
[Samba] LDAP query and result: better field for username?
On Wed, 29 Nov 2017 16:20:01 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote:> > Currently for my user: > > root at vdmsv1:/etc/exim4# ldbsearch -H ldap://vdcsv1 -P -b > DC=ad,DC=fvg,DC=lnf,DC=it "(cn=gaio)" | grep ": gaio$" cn: gaio > name: gaio > sAMAccountName: gaio > uid: gaio > msSFU30Name: gaio > > what field is betetr to use for querying for user 'gaio'? > > 'uid' no (because RFC2307 data can be missing), so? > > 'sAMAccountName'? or 'cn'? > > > Thanks. > > > PS: clearly the same for groups: > > root at vdmsv1:/etc/exim4# ldbsearch -H ldap://vdcsv1 -P -b > DC=ad,DC=fvg,DC=lnf,DC=it "(cn=unixadm)" | grep ": unixadm$" cn: > unixadm name: unixadm > sAMAccountName: unixadm > msSFU30Name: unixadm >sAMAccountName, this is the username that your users will log in with, whilst 'cn' could be the users full name e.g. the user 'Fred Bloggs' would have the 'cn' 'Fred Bloggs', but his sAMAccountName could be 'fred' or 'fbloggs' etc Rowland
Marco Gaiarin
2017-Nov-30 10:51 UTC
[Samba] LDAP query and result: better field for username?
Mandi! Rowland Penny via samba In chel di` si favelave...> sAMAccountName, this is the username that your users will log in with, > whilst 'cn' could be the users full name e.g. the user 'Fred Bloggs' > would have the 'cn' 'Fred Bloggs', but his sAMAccountName could be > 'fred' or 'fbloggs' etcWonderful. And i suppose '--use-username-as-cn' is exactly for that... Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)