User and Group management: Difference between revisions
From SambaWiki
(Created page with " = User and Group and Computer accountd management with samba-tool = == add / delete users with samba-tool == === Adding Users into Samba Active Directory === Unlike Samba ...") |
|||
(9 intermediate revisions by 4 users not shown) | |||
Line 2: | Line 2: | ||
= User and Group and Computer accountd management with samba-tool = |
= User and Group and Computer accountd management with samba-tool = |
||
== |
== Adding Users into Samba Active Directory == |
||
You add / delete users with samba-tool |
|||
⚫ | |||
⚫ | |||
⚫ | |||
To create a Samba user, use the following command at samba-ad1 via ssh login as root : |
|||
An example of adding a User + Login Profile for the user <code>fbaggins</code> |
|||
⚫ | |||
⚫ | |||
This assumes that ADSMember is being used as a Unix Member server that stores the profile and shares and the new users password will be <code>P4ssw0rd*</code> |
|||
$ samba-tool user create fbaggins P4ssw0rd* |
|||
--use-username-as-cn --surname="Baggins" |
|||
--given-name="Frodo" --initials=S |
|||
--mail-address=fbaggins@samdom.example.com |
|||
--company="Hobbiton Inc." --script-path=shire.bat |
|||
--profile-path=\\\\ADSMember.samdom.example.com\\profiles\\fbaggins |
|||
--home-drive=F |
|||
--home-directory=\\\\ADSMember.samdom.example.com\\fbaggins |
|||
--job-title="Goes there and back again" |
|||
⚫ | |||
{{Imbox |
|||
⚫ | |||
| type = note |
|||
| text = You do not need to supply all of the above options when creating a new user. For details of available options, run <code>samba-tool user create --help</code> in a terminal. |
|||
}} |
|||
⚫ | |||
To inspect the allocated user ID and SID, use the following commands: |
|||
<pre> |
|||
⚫ | |||
⚫ | |||
</pre> |
|||
$ wbinfo --name-to-sid USERNAME |
|||
=== samba-tool - delete group from Samba Active Directory === |
|||
S-1-5-21-4036476082-4153129556-3089177936-1005 SID_USER (1) |
|||
$ wbinfo --sid-to-uid S-1-5-21-4036476082-4153129556-3089177936-1005 |
|||
3000011 |
|||
<pre> |
|||
⚫ | |||
⚫ | |||
</pre> |
|||
⚫ | |||
<pre> |
|||
⚫ | |||
⚫ | |||
</pre> |
|||
=== |
=== samba-tool: Delete Users from Samba Active Directory === |
||
⚫ | |||
<pre> |
|||
⚫ | |||
⚫ | |||
⚫ | |||
</pre> |
|||
⚫ | |||
⚫ | |||
=== samba-tool |
=== samba-tool: delete a group from Samba Active Directory === |
||
<pre> |
|||
⚫ | |||
stduser |
|||
</pre> |
|||
⚫ | |||
Added group groupname |
|||
=== samba-tool |
=== samba-tool: add members to a group in Samba Active Directory === |
||
⚫ | |||
<pre> |
|||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
~# samba-tool group add stdgroup |
|||
⚫ | |||
=== samba-tool: remove members from a group in Samba Active Directory === |
|||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
user |
|||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
⚫ | |||
---- |
|||
</pre> |
|||
[[Category:User Management]] |
Revision as of 17:48, 3 May 2019
User and Group and Computer accountd management with samba-tool
Adding Users into Samba Active Directory
You add / delete users with samba-tool
Unlike Samba 3, running Samba 4 as an AD DC or Unix AD domain member does not require a local Unix user for each Samba user that is created.
An example of adding a User + Login Profile for the user fbaggins
This assumes that ADSMember is being used as a Unix Member server that stores the profile and shares and the new users password will be P4ssw0rd*
$ samba-tool user create fbaggins P4ssw0rd* --use-username-as-cn --surname="Baggins" --given-name="Frodo" --initials=S --mail-address=fbaggins@samdom.example.com --company="Hobbiton Inc." --script-path=shire.bat --profile-path=\\\\ADSMember.samdom.example.com\\profiles\\fbaggins --home-drive=F --home-directory=\\\\ADSMember.samdom.example.com\\fbaggins --job-title="Goes there and back again"
You do not need to supply all of the above options when creating a new user. For details of available options, run samba-tool user create --help in a terminal. |
To inspect the allocated user ID and SID, use the following commands:
$ wbinfo --name-to-sid USERNAME S-1-5-21-4036476082-4153129556-3089177936-1005 SID_USER (1) $ wbinfo --sid-to-uid S-1-5-21-4036476082-4153129556-3089177936-1005 3000011
samba-tool: Delete Users from Samba Active Directory
# samba-tool user delete username
samba-tool: create a group in Samba Active Directory
~# samba-tool group add groupname Added group groupname
samba-tool: delete a group from Samba Active Directory
~# samba-tool group delete groupname Added group groupname
samba-tool: add members to a group in Samba Active Directory
~# samba-tool group addmembers "Domain Users" user[,otheruser[,thirduser[,...]]] Added members to group Domain Users
samba-tool: remove members from a group in Samba Active Directory
~# samba-tool group removemembers "Domain Users" user[,otheruser[,thirduser[,...]]] Removed members from group Domain Users
samba-tool: list members of a group in Samba Active Directory
~# samba-tool group listmembers "Domain Users" | grep username user
samba-tool: Create a user, create a group, add the user to the group in Samba Active Directory
~# samba-tool user create username User 'username' created successfully ~# samba-tool group add groupname Added group groupname ~# samba-tool group addmembers groupname username Added members to group groupname