control: tag -1 - moreinfo Hi Holger, On Di 06 Aug 2013 22:48:43 CEST Holger Levsen wrote:
control: tags -1 + moreinfo Hi, On Dienstag, 6. August 2013, Mike Gabriel wrote:Because it is the script that gets triggered by Samba whenever new Windows workstation attempt to join the SKOLELINUX NT-Domain. To make this attempt a success smbldap-machineadd-gosa adds an object to LDAP with default settings for a Gosa-Samba-Machine account. Theses settings then get filled with Samba during the domain join up.why the fork?
Because smbldap-useradd does not cover the objectClasses / attributeDescriptions required by GOsa² to recognize the SMB-machine object.
See patch below that shows the fork... (patch has been created on a squeeze-TJENER).
Best, Mike """ --- /usr/sbin/smbldap-useradd 2009-10-15 21:34:13.000000000 +0200 +++ /etc/samba/smbldap-machineadd-gosa 2011-08-27 18:21:48.000000000 +0200 @@ -1,5 +1,17 @@ #!/usr/bin/perl -w +# This script has been taken von smbldap-tools 0.9.5, its original name +# is smbldap-useradd. It has been modified so that machine accounts can +# be created and so that they will be compliant to the pre-requisites of +# GOsa as in Debian Edu squeeze. +# +# This script depends on package smbldap-tools (i.e. on its +# smbldap_tool.pm). +# +# Modifcations have been done by several people, initially by +# Mike Gabriel <mike.gabriel@das-netzwerkteam.de> +# + # This code was developped by Jerome Tournier (jtournier@gmail.com) and # contributors (their names can be found in the CONTRIBUTORS file). @@ -34,8 +46,42 @@ use Getopt::Std; my %Options; +# success = add_posix_machine($user, $uid, $gid) +sub add_posix_machine_gosa { + my ( $user, $uid, $gid, $wait ) = @_; + if ( !defined $wait ) { + $wait = 0; + } + + # bind to a directory with dn and password + my $add = $smbldap_tools::ldap->add( + "uid=$user,$config{computersdn}", + attr => [ ++ 'objectclass' => ['top', 'person', 'organizationalPerson', 'inetOrgPerson', 'posixAccount', 'gotoWorkstation'],
+ #'objectclass' => [ 'top', 'account', 'posixAccount' ], + 'cn' => "$user", + + 'sn' => "$user", + 'uid' => "$user", + 'uidNumber' => "$uid", + 'gidNumber' => "$gid", + 'homeDirectory' => '/dev/null', + 'loginShell' => '/bin/false', + 'description' => 'Computer', + 'gecos' => 'Computer', + 'sn' => 'Computer', + ] + ); + + $add->code && warn "failed to add entry: ", $add->error; + sleep($wait); + return 1; +} + + my $ok =- getopts( 'o:abnmwWiPG:u:g:d:s:c:k:t:A:B:C:D:E:F:H:L:M:N:S:T:?', \%Options ); + getopts( 'o:abnmwWiPG:u:g:d:s:c:k:t:A:B:C:D:E:F:H:L:M:N:S:T:Z:?', \%Options );
if ( ( !$ok ) || ( @ARGV < 1 ) || ( $Options{'?'} ) ) { print_banner; @@ -304,7 +350,7 @@ } if ( - !add_posix_machine( + !add_posix_machine_gosa( $userName, $userUidNumber, $userGidNumber, $Options{'t'} ) ) @@ -342,8 +388,9 @@ changes => [ replace => [ objectClass => - [ 'posixAccount', 'account', 'sambaSAMAccount' ]+ [ 'top', 'posixAccount', 'person', 'organizationalPerson', 'inetOrgPerson', 'gosaAccount', 'sambaSamAccount', 'shadowAccount' ]
], + add => [ sn => 'Computer' ], add => [ sambaLogonTime => '0' ], add => [ sambaLogoffTime => '2147483647' ], add => [ sambaKickoffTime => '2147483647' ], @@ -367,8 +414,9 @@ changes => [ replace => [ objectClass => - [ 'posixAccount', 'account', 'sambaSAMAccount' ]+ [ 'top', 'posixAccount', 'person', 'organizationalPerson', 'inetOrgPerson', 'gosaAccount', 'sambaSamAccount', 'shadowAccount' ]
], + add => [ sn => 'Computer' ], add => [ sambaLogonTime => '0' ], add => [ sambaLogoffTime => '2147483647' ], add => [ sambaKickoffTime => '2147483647' ], """ -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Attachment:
pgp00n6kGXoYz.pgp
Description: Digitale PGP-Unterschrift