Thu, 16 Jul 2020 14:11:52 +0100 Rowland penny via samba <samba at
lists.samba.org>:> On 16/07/2020 13:51, RhineDevil wrote:
> > Thu, 16 Jul 2020 12:36:58 +0100 Rowland penny via samba <samba at
lists.samba.org>:
> >> On 16/07/2020 12:22, RhineDevil wrote:
> >>> Thu, 16 Jul 2020 11:45:19 +0100 Rowland penny via samba
<samba at lists.samba.org>:
> >>>> On 16/07/2020 11:24, RhineDevil wrote:
> >>>>> Thu, 16 Jul 2020 10:56:58 +0100 Rowland penny via
samba <samba at lists.samba.org>:
> >>>>>> On 16/07/2020 10:39, RhineDevil wrote:
> >>>>>>> Thu, 16 Jul 2020 10:31:04 +0100 Rowland penny
via samba <samba at lists.samba.org>:
> >>>>>>>> On 16/07/2020 10:14, RhineDevil via samba
wrote:
> >>>>>>>>> How could I add users and groups using
ldif files without interacting with samba-tool?
> >>>>>>>> You will need to write your own scripts
around ldapmodify or ldbmodify.
> >>>>>>>>
> >>>>>>>> Rowland
> >>>>>>>>
> >>>>>>> Yes but what fields are required and what
autogenerated?
> >>>>>>> Could I have a basic example?
> >>>>>> It depends on whether we are talking about pure
Windows users & groups
> >>>>>> or Unix users & groups. I suppose it also
depends on where you are going
> >>>>>> to administrate them from.
> >>>>>>
> >>>>>> Can I ask what is wrong with using samba-tool ?
> >>>>>>
> >>>>>> Rowland
> >>>>>>
> >>>>> AFAIK doesn't allow full 1:1 export about gecos,
shell and various things from /etc/ flat files
> >>>>> We're talking about Unix users and groups, but
made in a way that they're both available in the AD and in NIS. This
obviously takes as requirement that RFC2307 was enabled during installation
> >>>> No it doesn't, first, all the RFC2307 attributes are
available from the
> >>>> standard AD schema, what isn't installed is the ldif
required by IDMU.
> >>>> Secondly, samba-tool can add the required RFC2307
attributes when you
> >>>> create a user or group, you just need to add the required
switches to
> >>>> the command. See 'samba-tool user create --help'
and 'samba-tool group
> >>>> add --help' for more info and examples.
> >>>>
> >>>> Rowland
> >>>>
> >>> What's IDMU?
> >> Identity Management for UNIX or what gave you the Unix attribute
tabs on
> >> ADUC (Active Directory Users & Computers)
> >>> Yeah I knew how to add RFC2307 support, didn't explain
well
> >>> Seen right now the samba-tool user create options, they look
nice, maybe migration would be more easy than I thought
> >>>
> >>> And about other data normally supported by a full schema like
/etc/aliases /etc/fstab (potentially) /etc/hosts, /etc/networks, /etc/protocols,
/etc/rpc, /etc/services and /etc/netgroup?
> >> That would be NIS, you do not need NIS, but if you do and can make
it
> >> work, you will need to add the ypServ30.ldif
> >>
> >> Rowland
> >>
> > (Maybe) last question, how do I purge samba databases?
>
> Which Samba databases ?
>
> If you mean 'my user is using the wrong ID' then 'net cache
flush'
>
> Rowland
>
>
>
I mean all dbs containing samba ad-dc data
Forgot to ask something, an LDAP client connecting to samba LDAP implementation
can use `cn=mycn,dc=domain,dc=tld` or it's forced to provide DC and CN in
uppercase?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: Firma digitale OpenPGP
URL:
<http://lists.samba.org/pipermail/samba/attachments/20200717/5ceb29a3/attachment.sig>