How could I migrate these fields to CN=aliases,CN=mail,CN=ypServ30,CN=RpcServices,CN=System,DC=local? dn: cn=abuse,ou=Aliases,DC=mydomail,DC=local cn: abuse objectClass: nisMailAlias objectClass: top rfc822MailMember: root dn: cn=noc,ou=Aliases,DC=mydomail,DC=local cn: noc objectClass: nisMailAlias objectClass: top rfc822MailMember: root dn: cn=security,ou=Aliases,DC=mydomail,DC=local cn: security objectClass: nisMailAlias objectClass: top rfc822MailMember: root -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 833 bytes Desc: Firma digitale OpenPGP URL: <http://lists.samba.org/pipermail/samba/attachments/20200720/9fd8e55b/attachment.sig>
On 20/07/2020 11:11, RhineDevil via samba wrote:> How could I migrate these fields to CN=aliases,CN=mail,CN=ypServ30,CN=RpcServices,CN=System,DC=local? > > dn: cn=abuse,ou=Aliases,DC=mydomail,DC=local > cn: abuse > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: root > > dn: cn=noc,ou=Aliases,DC=mydomail,DC=local > cn: noc > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: root > > dn: cn=security,ou=Aliases,DC=mydomail,DC=local > cn: security > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: rootFirst you will need the rfc822-MailMember.schema and then run that through oLschema2ldif to produce an ldif to add to AD. Doing the above, should produce something like this: dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local objectClass: top objectClass: attributeSchema attributeID: 1.3.6.1.4.1.42.2.27.2.1.15 schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg=cn: rfc822MailMember name: rfc822MailMember lDAPDisplayName: rfc822MailMember description: rfc822 mail address of group member(s) attributeSyntax: 2.5.5.5 oMSyntax: 22 isSingleValued: FALSE dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local objectClass: top objectClass: classSchema governsID: 1.3.6.1.4.1.42.2.27.1.2.5 schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A=cn: nisMailAlias name: nisMailAlias lDAPDisplayName: nisMailAlias subClassOf: top objectClassCategory: 1 description: NIS mail alias mustContain: cn mayContain: rfc822MailMember defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local You will need to split that into two ldif's one containing the objectclass, the other the attribute. You can then add the two ldifs like this: ldbadd -H path_to_sam_ldb attr.ldif --option="dsdb:schema update allowed"=true ldbadd -H path_to_sam_ldb class.ldif --option="dsdb:schema update allowed"=true You could then add your ldif (modified to suit AD): dn: cn=abuse,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local cn: abuse objectClass: nisMailAlias objectClass: top rfc822MailMember: root dn: cn=noc,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local cn: noc objectClass: nisMailAlias objectClass: top rfc822MailMember: root dn: cn=security,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local cn: security objectClass: nisMailAlias objectClass: top rfc822MailMember: root Whilst the above should work, I have never tried it. You should be aware that extending the AD schema is a one way action, you can never remove it. If you do extend your schema, you do this at your own risk, do not blame me if it goes wrong. Rowland
Mandi! RhineDevil via samba In chel di` si favelave...> dn: cn=abuse,ou=Aliases,DC=mydomail,DC=local > cn: abuse > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: rootSeems 'laser-draft-schema': https://tools.ietf.org/html/draft-lachman-laser-ldap-mail-routing-02 i'm using it, folowing the hint that Rowland provide. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bont?, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
Mon, 20 Jul 2020 11:56:57 +0100 Rowland penny via samba <samba at lists.samba.org>:> On 20/07/2020 11:11, RhineDevil via samba wrote: > > How could I migrate these fields to CN=aliases,CN=mail,CN=ypServ30,CN=RpcServices,CN=System,DC=local? > > > > dn: cn=abuse,ou=Aliases,DC=mydomail,DC=local > > cn: abuse > > objectClass: nisMailAlias > > objectClass: top > > rfc822MailMember: root > > > > dn: cn=noc,ou=Aliases,DC=mydomail,DC=local > > cn: noc > > objectClass: nisMailAlias > > objectClass: top > > rfc822MailMember: root > > > > dn: cn=security,ou=Aliases,DC=mydomail,DC=local > > cn: security > > objectClass: nisMailAlias > > objectClass: top > > rfc822MailMember: root > > First you will need the rfc822-MailMember.schema and then run that > through oLschema2ldif to produce an ldif to add to AD. > > Doing the above, should produce something like this: > > dn: CN=rfc822MailMember,CN=Schema,CN=Configuration,dc=local > objectClass: top > objectClass: attributeSchema > attributeID: 1.3.6.1.4.1.42.2.27.2.1.15 > schemaIdGuid:: aB7do9Dx3LkCSVgvixllpg=> cn: rfc822MailMember > name: rfc822MailMember > lDAPDisplayName: rfc822MailMember > description: rfc822 mail address of group member(s) > attributeSyntax: 2.5.5.5 > oMSyntax: 22 > isSingleValued: FALSE > > dn: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local > objectClass: top > objectClass: classSchema > governsID: 1.3.6.1.4.1.42.2.27.1.2.5 > schemaIdGuid:: gMnYtZqCPTLAMXe3RZus8A=> cn: nisMailAlias > name: nisMailAlias > lDAPDisplayName: nisMailAlias > subClassOf: top > objectClassCategory: 1 > description: NIS mail alias > mustContain: cn > mayContain: rfc822MailMember > defaultObjectCategory: CN=nisMailAlias,CN=Schema,CN=Configuration,dc=local > > You will need to split that into two ldif's one containing the > objectclass, the other the attribute. > > You can then add the two ldifs like this: > > ldbadd -H path_to_sam_ldb attr.ldif --option="dsdb:schema update > allowed"=true > ldbadd -H path_to_sam_ldb class.ldif --option="dsdb:schema update > allowed"=true > > You could then add your ldif (modified to suit AD): > > dn: > cn=abuse,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local > cn: abuse > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: root > > dn: cn=noc,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local > cn: noc > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: root > > dn: > cn=security,cn=aliases,cn=mail,cn=ypServ30,cn=RpcServices,cn=System,dc=local > cn: security > objectClass: nisMailAlias > objectClass: top > rfc822MailMember: root > > Whilst the above should work, I have never tried it. You should be aware > that extending the AD schema is a one way action, you can never remove it. > > If you do extend your schema, you do this at your own risk, do not blame > me if it goes wrong. > > Rowland >Wait but Wouldn't make sense taking care of this through samba-tool? Like there's --rfc-2037, --rfc822 could be added -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 833 bytes Desc: Firma digitale OpenPGP URL: <http://lists.samba.org/pipermail/samba/attachments/20200720/1d2eb711/attachment.sig>