Re: Fwd: map group uniqueMember sAMAccountName
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: Fwd: map group uniqueMember sAMAccountName
- From: Patrik <alabard [at] gmail.com>
- To: Arthur de Jong <arthur [at] arthurdejong.org>
- Cc: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: Fwd: map group uniqueMember sAMAccountName
- Date: Fri, 10 Feb 2017 11:22:49 +0100
hold on, why is it fixed in the code 10000?
the next:
christine , uid: 10001, same group id, same uid, and group and user name christine/christine.
the filter is weird!
filter group (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))(uidNumber=10000))")
Should I use asterix? * ?
On Fri, Feb 10, 2017 at 11:11 AM, Arthur de Jong <arthur [at] arthurdejong.org> wrote:
On Fri, 2017-02-10 at 10:39 +0100, Patrik wrote:
> It is in a Samba AD. Still now working with group. How can I not need
> a Samba group and use that is the same as the username? Like usual
> linux setup.
What does the following return:
getent passwd patrikx3
If you want the gid to be the same as the uid and have every user also
be a group you could use something like this that maps group queries to
user queries:
filter passwd (&(objectClass=user)(!(objectClass=computer))( uidNumber=*)( unixHomeDirectory=*))( uidNumber=10000))")
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos displayName
map passwd gidNumber uidNumber
filter shadow (&(objectClass=user)(!(objectClass=computer))( uidNumber=*)( unixHomeDirectory=*))( uidNumber=10000))")
map shadow uid sAMAccountName
map shadow shadowLastChange pwdLastSet
filter group (&(objectClass=user)(!(objectClass=computer))( uidNumber=*)( unixHomeDirectory=*))( uidNumber=10000))")
map group cnsAMAccountName
map group gidNumberuidNumber
map group memberUidsAMAccountName
(the last mapping is optional and shouldn't be needed in most cases)
This is obviously a bit of a hack. It is better to have real groups
defined. In such setups it is common to have all the normal users
configured with a "users" primary group instead of a per-user group.
You will need to address this in the file ownership then of course.
Kind regards,
--
-- arthur - arthur [at] arthurdejong.org - https://arthurdejong.org/ --
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists. or seearthurdejong.org
https://lists.arthurdejong.org/nss-pam-ldapd-users/
-- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see https://lists.arthurdejong.org/nss-pam-ldapd-users/
- Re: map group uniqueMember sAMAccountName, (continued)
- Re: map group uniqueMember sAMAccountName, Patrik
- Re: Fwd: map group uniqueMember sAMAccountName,
Arthur de Jong
- Re: Fwd: map group uniqueMember sAMAccountName, Patrik
- Re: Fwd: map group uniqueMember sAMAccountName, Arthur de Jong
- Re: Fwd: map group uniqueMember sAMAccountName, Patrik
- Re: Fwd: map group uniqueMember sAMAccountName, Arthur de Jong
- Re: Fwd: map group uniqueMember sAMAccountName, Patrik
- Prev by Date: Re: Fwd: map group uniqueMember sAMAccountName
- Next by Date: Re: Fwd: map group uniqueMember sAMAccountName
- Previous by thread: Re: Fwd: map group uniqueMember sAMAccountName
- Next by thread: Re: Fwd: map group uniqueMember sAMAccountName