Re: [Samba] Change default GID of users
Thank you Marc! 2013/8/29 Marc Muehlfeld > Hello Bruno, > > Am 29.08.2013 16:11, schrieb Bruno Vane: > > I had this mapping in nslcd.conf >> map passwd gidNumber primaryGroupID >> >> I need the gidNumber to be "100" because this is gidnumber of group >> "users" >> in my Ubuntu servers. >> I will disable this mapping and test if everything is OK. >> > > The mapping is not just for mapping one field to an other. You can replace > values, too or do other things (see manpage for more). > > You can hardcode the mapping: > > map passwd gidNumber "666" > > > # getent passwd > ... > Administrator:*:1:666::/**home/Administrator:/bin/bash > technik:*:10001:666:Technik:/**home/technik:/bin/false > demo1:*:10002:666:Demo User1:/home/demo1:/bin/sh > > > And all your domain accounts have primary group 666 :-) > > > Regards, > Marc > -- Bruno Vane HPM Tecnologia (24) 9278-7195 / (24) 3345-0002 skype: broonu www.zamix.com.br | www.superonda.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
Hello Bruno, Am 29.08.2013 16:11, schrieb Bruno Vane: I had this mapping in nslcd.conf map passwd gidNumber primaryGroupID I need the gidNumber to be "100" because this is gidnumber of group "users" in my Ubuntu servers. I will disable this mapping and test if everything is OK. The mapping is not just for mapping one field to an other. You can replace values, too or do other things (see manpage for more). You can hardcode the mapping: map passwd gidNumber "666" # getent passwd ... Administrator:*:1:666::/home/Administrator:/bin/bash technik:*:10001:666:Technik:/home/technik:/bin/false demo1:*:10002:666:Demo User1:/home/demo1:/bin/sh And all your domain accounts have primary group 666 :-) Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
Thank you Steve, I had this mapping in nslcd.conf map passwd gidNumber primaryGroupID I need the gidNumber to be "100" because this is gidnumber of group "users" in my Ubuntu servers. I will disable this mapping and test if everything is OK. 2013/8/28 steve > On Tue, 2013-08-27 at 16:07 -0300, Bruno Vane wrote: > > Hi Steve, > > > > > > Seems that this attribute does not matter, see my user "bruno.vane": > > primaryGroupID: 513 > > gidNumber: 100 > > Hi > > How are you obtaining the infromation from AD? > If you set: > gidNumber: 100 > in the DN of a user, then that is what will be returned when e.g. > nss-ldapd is used. It will not return primaryGroupID unless you have > mapped that attribute to gidNumber in nslcd.conf. primaryGroupID is not > a rfc2307 atribute. > HTH > > > -- Bruno Vane HPM Tecnologia (24) 9278-7195 / (24) 3345-0002 skype: broonu www.zamix.com.br | www.superonda.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
On Tue, 2013-08-27 at 16:07 -0300, Bruno Vane wrote: > Hi Steve, > > > Seems that this attribute does not matter, see my user "bruno.vane": > primaryGroupID: 513 > gidNumber: 100 Hi How are you obtaining the infromation from AD? If you set: gidNumber: 100 in the DN of a user, then that is what will be returned when e.g. nss-ldapd is used. It will not return primaryGroupID unless you have mapped that attribute to gidNumber in nslcd.conf. primaryGroupID is not a rfc2307 atribute. HTH -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
Hi Steve, Seems that this attribute does not matter, see my user "bruno.vane": primaryGroupID: 513 gidNumber: 100 If I try to change the value of primaryGroupID I get an error: Using: root@samba:~# ldbedit -e vim --url=/usr/local/samba/private/sam.ldb samaccountname=bruno.vane failed to modify CN=Bruno Vane,CN=Users,DC=corporativo,DC=mydomain,DC=net - error in module samldb: Unwilling to perform (53) root@samba:~# ldbedit -e vim --url=/usr/local/samba/private/sam.ldb samaccountname=bruno.vane # 0 adds 0 modifies 0 deletes 2013/8/27 steve > On Tue, 2013-08-27 at 14:33 -0300, Bruno Vane wrote: > > Hi Steve, > > > > > > I did what you said, and when create the user, nothing changes: > > > Hi > Sorry, you have to add: > gidNumber: 100 > to the DN of each user too. > > Make sure that you clear the nscd cache after making any change to AD. > Steve > > > > -- Bruno Vane HPM Tecnologia (24) 9278-7195 / (24) 3345-0002 skype: broonu www.zamix.com.br | www.superonda.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
On Tue, 2013-08-27 at 14:33 -0300, Bruno Vane wrote: > Hi Steve, > > > I did what you said, and when create the user, nothing changes: Hi Sorry, you have to add: gidNumber: 100 to the DN of each user too. Make sure that you clear the nscd cache after making any change to AD. Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
Hi Steve, I did what you said, and when create the user, nothing changes: root@samba:~# getent passwd cobaia cobaia:*:10004:513:cobaia:/home/cobaia:/bin/bash root@samba:~# ldbedit -e vim --url=/usr/local/samba/private/sam.ldb cn=Domain\ Users # editing 1 records # record 1 dn: CN=Domain Users,CN=Users,DC=corporativo,DC=mydomain,DC=net objectClass: top objectClass: group cn: Domain Users description: All domain users instanceType: 4 whenCreated: 20130826181737.0Z uSNCreated: 3541 name: Domain Users objectGUID: 4989c94c-ecd0-46bc-acff-a3d702ee905b objectSid: S-1-5-21-3289179821-1028934030-3478225505-513 sAMAccountName: Domain Users sAMAccountType: 268435456 groupType: -2147483646 objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=corporativo,DC=mydomain,DC=net isCriticalSystemObject: TRUE memberOf: CN=Users,CN=Builtin,DC=corporativo,DC=mydomain,DC=net msSFU30Name: Domain Users gidNumber: 100 whenChanged: 20130827172912.0Z uSNChanged: 3888 distinguishedName: CN=Domain Users,CN=Users,DC=corporativo,DC=mydomain,DC=net 2013/8/27 steve > On Tue, 2013-08-27 at 12:14 -0300, Bruno Vane wrote: > > Hi all, > > > > I'm using samba4 as DC and using ssh/nslcd/pam in some machines to lookup > > ldap base in samba4 to allow access for users. > > My question is, how can I set the default GID os users to "100", to match > > the GID of group"users" in my linux machines? All users I create with > ADUC > > is getting UID "513". This machines are joined in the domain. > > Hi > Add the attribute: > gidNumber: 100 > to the DN of Domain Users. > > The easiest way to do that is to: > ldbedit --url=/user/local/samba/private/sam.ldb cn=Domain\ Users > > HTH > Steve > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- Bruno Vane HPM Tecnologia (24) 9278-7195 / (24) 3345-0002 skype: broonu www.zamix.com.br | www.superonda.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change default GID of users
On Tue, 2013-08-27 at 12:14 -0300, Bruno Vane wrote: > Hi all, > > I'm using samba4 as DC and using ssh/nslcd/pam in some machines to lookup > ldap base in samba4 to allow access for users. > My question is, how can I set the default GID os users to "100", to match > the GID of group"users" in my linux machines? All users I create with ADUC > is getting UID "513". This machines are joined in the domain. Hi Add the attribute: gidNumber: 100 to the DN of Domain Users. The easiest way to do that is to: ldbedit --url=/user/local/samba/private/sam.ldb cn=Domain\ Users HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Change default GID of users
Hi all, I'm using samba4 as DC and using ssh/nslcd/pam in some machines to lookup ldap base in samba4 to allow access for users. My question is, how can I set the default GID os users to "100", to match the GID of group"users" in my linux machines? All users I create with ADUC is getting UID "513". This machines are joined in the domain. This is my groups: root@samba:~# wbinfo -g Enterprise Read-Only Domain Controllers Domain Admins Domain Users Domain Guests Domain Computers Domain Controllers Schema Admins Enterprise Admins Group Policy Creator Owners Read-Only Domain Controllers DnsUpdateProxy This is GID's: CORPORATIVO\Domain Admins:*:308: CORPORATIVO\Domain Users:*:100: CORPORATIVO\Domain Guests:*:312: CORPORATIVO\Domain Computers:*:318: CORPORATIVO\Domain Controllers:*:319: CORPORATIVO\Schema Admins:*:307: CORPORATIVO\Enterprise Admins:*:306: CORPORATIVO\Group Policy Creator Owners:*:304: CORPORATIVO\Read-Only Domain Controllers:*:320: CORPORATIVO\DnsUpdateProxy:*:321: CORPORATIVO\InternetLiberada:*:322: -- Bruno Vane HPM Tecnologia (24) 9278-7195 / (24) 3345-0002 skype: broonu www.zamix.com.br | www.superonda.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
