On Fri, Mar 12, 2021 at 12:08 AM Philippe LeCavalier < support at plecavalier.com> wrote:> > >> >> On Thu, Mar 11, 2021, 23:06 Jonathon Reinhart < >> jonathon.reinhart at gmail.com> wrote: >> >>> Hi Phil, >>> >>> You can add additional UPN suffixes to your AD via the "Active >>> Directory Domains and Trusts" management console. Then when users are >>> created, you can select a different UPN suffix for their UPN -- >>> presumably one that matches their email address. >>> >> I'm definitely going to see through getting myself setup with your ADmantool but just out of curiosity, is there a way to add the additional domain using samba-tool or some other native samba method? Thanks, Phil
On Fri, Mar 12, 2021 at 9:15 AM Philippe LeCavalier via samba < samba at lists.samba.org> wrote:> >> I'm definitely going to see through getting myself setup with your ADman > tool but just out of curiosity, is there a way to add the additional domain > using samba-tool or some other native samba method? >AFAIK no, there is not. You have to use the Windows management tools. There are plenty of other AD tasks that also require those tools (for now), so you might as well join a Windows VM and install the RSAT package. Looking back at my notes, I confirm that yes, you have to use "Active Directory Domains and Trusts": https://jonathonreinhart.com/posts/blog/2019/02/11/setting-up-a-samba-4-domain-controller-on-debian-9 There's also this little blurb in the Samba Wiki: https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#My_User_Logins_Does_Not_Match_My_Email