On Fri, 2013-09-27 at 05:22 -0400, Thomas Harold wrote: > Running Samba 4.0.9, we have added a pair of Samba4 domain controllers > to an existing Win2003 domain. > > How do we determine whether RFC2037 attributes already exist in the > domain? And how would we go about adding them to an already existing > domain?
If you have genuinely got a 2003 domain then by default rfc2307 attributes don't exist because they will not be in the schema. If your Windows controllers however are actually 2003R2 then the process of upgrading your domain to the R2 version introduced the rfc2307 schema extension whether you liked it or not. Some links that cover this http://blog.scottlowe.org/2005/12/22/complete-linux-ad-authentication-details/ http://blog.scottlowe.org/2006/08/08/linux-active-directory-and-windows-server-2003-r2-revisited/ http://blog.scottlowe.org/2007/01/15/linux-ad-integration-version-4/ Assuming it is really a 2003R2 domain then you need to populate the rfc2307 attributes in the directory as by default they are not populated. You can populate the entries in a variety of ways probably the simplest is to generate an ldif of the form for every user and load it into the domain. dn: CN=joeblogs,OU=users,DC=ds,DC=mycorp,DC=com uid: joeblogs msSFU30Name: joeblogs msSFU30NisDomain: ds uidNumber: 5252 gidNumber: 8000 unixHomeDirectory: /home/joeblogs loginShell: /bin/bash JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
