Enhancement #1890

Samba: machine accounts into ou=Computers LDAP branch

Added by Davide Principi over 8 years ago. Updated about 8 years ago.

Status:CLOSEDStart date:04/29/2013
Priority:NormalDue date:04/29/2013
Assignee:-% Done:

100%

Category:nethserver-samba
Target version:v6.4-beta1
Resolution: NEEDINFO:

Description

Machine accounts are created by nethserver-samba-machine-create action, using luseradd command. Libuser is configured to add entries to ou=People LDAP branch.

This causes the machine accounts to be listed by ejabberd as offline accounts and might raise some other issues.

Put machine accounts into ou=Computers LDAP branch, and check if join to domain and migration scripts work.

Associated revisions

Revision cf1e47b3
Added by Davide Principi over 8 years ago

smb.conf template: store machine accounts under ou=Computers branch. Refs #1890

History

#1 Updated by Davide Principi over 8 years ago

  • Due date set to 04/29/2013
  • Status changed from NEW to ON_DEV
  • Assignee set to Davide Principi
  • Start date set to 04/29/2013
  • % Done changed from 0 to 30
  • Estimated time set to 2.00

#2 Updated by Davide Principi over 8 years ago

Samba requires getent to return the right uid number.

getent uses nsswitch/ldap, that searches the DIT in depth: an additional Computers branch should be descended as well, and entries found.

#3 Updated by Davide Principi over 8 years ago

  • Status changed from ON_DEV to ON_QA
  • % Done changed from 30 to 80

#4 Updated by Davide Principi over 8 years ago

  • Status changed from ON_QA to MODIFIED
  • % Done changed from 80 to 100

After upgraded to nethserver-samba-1.1.0-32.0git737306ee.ns6.noarch move machine accounts under the Computers branch:


for U in `db accounts keys`; do    
    if [ "`db accounts gettype $U`" != 'machine' ]; then continue; fi;       

    ldapmodify -Y EXTERNAL <<EOF
dn: uid=${U},ou=People,dc=directory,dc=nh
changetype: modrdn
newrdn: uid=${U}
deleteoldrdn: 0
newsuperior: ou=Computers,dc=directory,dc=nh
EOF

done

#5 Updated by Davide Principi about 8 years ago

  • Status changed from MODIFIED to CLOSED

Also available in: Atom PDF