On Sat, 2013-09-28 at 11:06 +1100, m...@electronico.nc wrote: > Le 27/09/2013 20:36, steve a écrit : > > On Fri, 2013-09-27 at 19:09 +1100, m...@electronico.nc wrote: > >> Hi all, > >> > >> (Trying to connect squid, postfix, dovecot, pptp, etc ... to AD) > >> > >> Samba 4.0.9, as PDC, on Ubuntu 12.04.3 server. > >> Compiled with : ./configure --enable-debug --enable-selftest > >> Domain provision : /usr/local/samba/bin/samba-tool domain provision > >> > >> Despite my reads and tries, I'm unable to list the AD users from Linux. > >> /usr/local/samba/bin/wbinfo -t > >> /usr/local/samba/bin/wbinfo -u > >> /usr/local/samba/bin/wbinfo -g > >> are OK > >> > >> but : getent passwd > >> only lists Linux users. > >> > >> AD works OK and lot of work has been done onto. > >> > >> If the rfc2307 option if required during domain provision, can I launch > >> it without loosing the whole AD configuration ? > > Hi > > No. You don't need to provision with rfc2307 to be able to use it. You > > simply need to add the rfc2307 attributes to the DN's of the users. > > > > e.g. use wbinfo to get the numbers: > > wbinfo -i steve2 > > HH3\steve2:*:3000021:20513::/home/HH3/steve2:/bin/false > > > > Now add: > > uidNumber: 3000021 > > gidNumber: 20513 > > to steve2 > > > > An easy way to do that is with ldbedit. If you have a lot of users, use > > a script and then add the attributes using ldbmodify. > > > > I'd recommend using nslcd or sssd so that getent will pull the > > information from AD. > > HTH > > Steve > > > > > Thanks Denis and Steve for the answers. > > Without the rfc2307 domain provision, will I have to add manually > uidNumber and guiNumber each time a new user is created from Windows > Management Console ? > If you want to use MMC then yes. But why not add new users and groups using samba-tool? With 4.1.0 rc's you can add the user along with all his rfc2307 from the command line.
> Thanks to : > http://linuxcostablanca.blogspot.com/2013/04/sssd-build-on-opensuse.html > http://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd > I have been able to : > getent passwd > ===================== > > But I have tried previousely to install sssd from repository, then from > git ... > I'll start over (thanks clonezilla ;-) ) and let you know. > Nicolas > If you want to run the AD backend with sssd, you'll need a minimum of version 1.10. If you're gonna build it, I'd recommend 1.11 which was released yesterday. > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
