Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Samba] smbtools, existing users, etc...

82 views
Skip to first unread message

SEFEROVIC Edvin

unread,
Nov 18, 2003, 7:20:14 AM11/18/03
to
Hello.

I followed your discussion about smbtools etc. Now I would like to hear some
concrete answers about them. I have my existing users in LDAP ( posixAccount
schema ), and now I installed samba 3.0.0 and want to store samba user
accounts in LDAP too. I included samba.schema.

Is it possible to add samba part of user account to the already existing
user account in LDAP?

If yes, how do I add the samba part? After I include samba.schema in my LDAP
server, it wont start anymore because of missing SID ( uid is already
present through posixAccount ), can anyone help me on this??

Has anyone ideas how to add the samba part of user account with already
existing user database?

What if my user changes his password ( by using a web php-backend ), is
samba password automatically changed, or do I have to change it manually?

TIA

Edvin SEFEROVIC

--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba

Jérôme Tournier

unread,
Nov 18, 2003, 7:40:14 AM11/18/03
to
> Hello.
Hi !

> Is it possible to add samba part of user account to the already existing user account
> in LDAP?

My response is only available if you use the smbldap-tools.
Yes you can. If you applied the patch i post this morning to the latest scripts (look at
cvs.idealx.org), you can use the following command to add the sambaSAMAccount
objectclass to the user 'user'.
$ smbldap-usermod.pl -a user
The sambaSID attribute will be calculated as 2*uidNumber+1000.
You can also add more informations:
-a add sambaSAMAccount objectclass
-e expire date ("YYYY-MM-DD HH:MM:SS")
-A can change password ? 0 if no, 1 if yes
-B must change password ? 0 if no, 1 if yes
-C sambaHomePath (SMB home share, like '\\PDC-SRV\homes')
-D sambaHomeDrive (letter associated with home share, like 'H:')
-E sambaLogonScript (DOS script to execute on login)
-F sambaProfilePath (profile directory, like '\\PDC-SRV\profiles\foo')
-H sambaAcctFlags (samba account control bits like '[NDHTUMWSLKI]')
-I disable an user. Can't be used with -H or -J
-J enable an user. Can't be used with -H or -I
For example:
$ smbldap-usermod.pl -a -E script.cmd user


> What if my user changes his password ( by using a web php-backend ), is samba password
> automatically changed, or do I have to change it manually?

No it is not. Can can calculate the lmPassword and ntPassword, and patch your
php-backend to update le attributes. Or can can use smbldap-passwd.pl that update both
unix password and win32 passwords.
--
Jérôme

SEFEROVIC Edvin

unread,
Nov 18, 2003, 10:00:24 AM11/18/03
to
Hello Jerome,

thanx for your help. Is the 0.8.1 version of smbldap tools already patched
or do I have to patch it myself. If so - please write me a few lines how to
do it, and which files to patch.

I haven’t been working with smbldap-tools, but I want to try them out. Do
they work on SuSE Linux?

Can I call your script everytime my user changes his password though my
php-backend? Are the passwords going to be changed then, although the user
exists in posixAccount and samba.schema?? or easier - what happens when I
use this script twice for a user that already exists? Is it going to change
his password or am I going to get an error?

TIA

Edvin SEFEROVIC

-----Ursprüngliche Nachricht-----
Von: samba-bounces+edvin.seferovic=kol...@lists.samba.org
[mailto:samba-bounces+edvin.seferovic=kol...@lists.samba.org] Im Auftrag
von Jérôme Tournier
Gesendet: Dienstag, 18. November 2003 13:44
An: sa...@lists.samba.org
Betreff: Re: [Samba] smbtools, existing users, etc...

Jérôme Tournier

unread,
Nov 19, 2003, 6:00:31 AM11/19/03
to
> Hello Jerome,
>
> thanx for your help. Is the 0.8.1 version of smbldap tools already patched or do I
> have to patch it myself. If so - please write me a few lines how to do it, and which
> files to patch.
no, it is not. You'll find attached the latest scripts (hope the attechment will succeed
this time).

> I haven’t been working with smbldap-tools, but I want to try them out. Do they work on
> SuSE Linux?

Yes of course. You just need perl and Net::LDAP

> Can I call your script everytime my user changes his password though my php-backend?

Yes.

> Are the passwords going to be changed then, although the user exists in posixAccount
> and samba.schema?? or easier - what happens when I use this script twice for a user
> that already exists? Is it going to change his password or am I going to get an error?

Every time you use the smbldap-password.pl script, all of userPassword, ntPassword and
lmPassword will be updated.
If you add the sambaSAMAccount to an existing user and want to change all of the 3
passwords, you can use
$ smbldap-usermod.pl -a -P (..options..) user

--
Jérôme

0 new messages