Adding users with samba tool

Revision as of 15:21, 12 February 2016 by YvanM (talk | contribs) (corrected "</tt>" tag)

Adding Users into Samba Active Directory

Unlike Samba 3, Samba 4 does not require a local Unix user for each Samba user that is created.

To create a Samba user, use the following command:

/usr/local/samba/bin/samba-tool user add USERNAME

To inspect the allocated user ID and SID, use the following command:

$ /usr/local/samba/bin/wbinfo --name-to-sid USERNAME
S-1-5-21-4036476082-4153129556-3089177936-1005 SID_USER (1)

$ /usr/local/samba/bin/wbinfo --sid-to-uid S-1-5-21-4036476082-4153129556-3089177936-1005
3000011

If you want to change this mapping, then use ldbedit on the /usr/local/samba/private/idmap.ldb, as shown:

$ ldbedit -e emacs -H /usr/local/samba/private/idmap.ldb objectsid=S-1-5-21-4036476082-4153129556-3089177936-1005
  • Note: You can replace emacs with your editor of choice.

You will find records that look like this:

# record 1
dn: CN=S-1-5-21-4036476082-4153129556-3089177936-1005
cn: S-1-5-21-4036476082-4153129556-3089177936-1005
objectClass: sidMap
objectSid: S-1-5-21-4036476082-4153129556-3089177936-1005
type: ID_TYPE_BOTH
xidNumber: 3000011
distinguishedName: CN=S-1-5-21-4036476082-4153129556-3089177936-1005

If you change the xidNumber attribute and save your editor then exit, then Samba will update the mapping to between the SID and the user ID. Updating group mappings works in the same way.