Enhancement #1890
Samba: machine accounts into ou=Computers LDAP branch
| Status: | CLOSED | Start date: | 04/29/2013 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | 04/29/2013 | |
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-samba | |||
| Target version: | v6.4-beta1 | |||
| Resolution: | NEEDINFO: |
Description
Machine accounts are created by nethserver-samba-machine-create action, using luseradd command. Libuser is configured to add entries to ou=People LDAP branch.
This causes the machine accounts to be listed by ejabberd as offline accounts and might raise some other issues.
Put machine accounts into ou=Computers LDAP branch, and check if join to domain and migration scripts work.
Associated revisions
smb.conf template: store machine accounts under ou=Computers branch. Refs #1890
History
#1
Updated by Davide Principi over 8 years ago
- Due date set to 04/29/2013
- Status changed from NEW to ON_DEV
- Assignee set to Davide Principi
- Start date set to 04/29/2013
- % Done changed from 0 to 30
- Estimated time set to 2.00
#2
Updated by Davide Principi over 8 years ago
Samba requires getent to return the right uid number.
getent uses nsswitch/ldap, that searches the DIT in depth: an additional Computers branch should be descended as well, and entries found.
#3
Updated by Davide Principi over 8 years ago
- Status changed from ON_DEV to ON_QA
- % Done changed from 30 to 80
#4
Updated by Davide Principi over 8 years ago
- Status changed from ON_QA to MODIFIED
- % Done changed from 80 to 100
After upgraded to nethserver-samba-1.1.0-32.0git737306ee.ns6.noarch move machine accounts under the Computers branch:
for U in `db accounts keys`; do
if [ "`db accounts gettype $U`" != 'machine' ]; then continue; fi;
ldapmodify -Y EXTERNAL <<EOF
dn: uid=${U},ou=People,dc=directory,dc=nh
changetype: modrdn
newrdn: uid=${U}
deleteoldrdn: 0
newsuperior: ou=Computers,dc=directory,dc=nh
EOF
done
#5
Updated by Davide Principi about 8 years ago
- Status changed from MODIFIED to CLOSED