Adding users with samba tool
From SambaWiki
Adding Users into Samba Active Directory
When running Samba 4 as an Active Directory domain, unlike Samba 3, you cannot have a local Unix user for each Samba user that is created.
To create a Samba user, use the following command:
/usr/local/samba/bin/samba-tool user create user1
To inspect the allocated user ID and SID, use the following command:
$ /usr/local/samba/bin/wbinfo --name-to-sid user1 S-1-5-21-4036476082-4153129556-3089177936-1005 SID_USER (1) $ /usr/local/samba/bin/wbinfo --sid-to-uid S-1-5-21-4036476082-4153129556-3089177936-1005 3000011
If you want to change this mapping, You must add a 'uidNumber' attribute to the users object in /usr/local/samba/private/sam.ldb
$ ldbedit -e emacs -H /usr/local/samba/private/sam.ldb objectsid=S-1-5-21-4036476082-4153129556-3089177936-1005
- Note: You can replace emacs with your editor of choice.
Find the record for 'user1', it will start like this:
dn: CN=user1,CN=Users,DC=samdom,DC=example,DC=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: user1
If you add a uidNumber attribute similar to this:
uidNumber: 10000
Then save and exit, Samba will then use ID '10000' for the user Unix ID.
You can change group Unix ID's in the same way.