control: tag -1 - moreinfo Hi Holger, On Di 06 Aug 2013 22:48:43 CEST Holger Levsen wrote:
control: tags -1 + moreinfo Hi, On Dienstag, 6. August 2013, Mike Gabriel wrote:Because it is the script that gets triggered by Samba whenever new Windows workstation attempt to join the SKOLELINUX NT-Domain. To make this attempt a success smbldap-machineadd-gosa adds an object to LDAP with default settings for a Gosa-Samba-Machine account. Theses settings then get filled with Samba during the domain join up.why the fork?
Because smbldap-useradd does not cover the objectClasses / attributeDescriptions required by GOsa² to recognize the SMB-machine object.
See patch below that shows the fork... (patch has been created on a squeeze-TJENER).
Best,
Mike
"""
--- /usr/sbin/smbldap-useradd 2009-10-15 21:34:13.000000000 +0200
+++ /etc/samba/smbldap-machineadd-gosa 2011-08-27 18:21:48.000000000 +0200
@@ -1,5 +1,17 @@
#!/usr/bin/perl -w
+# This script has been taken von smbldap-tools 0.9.5, its original name
+# is smbldap-useradd. It has been modified so that machine accounts can
+# be created and so that they will be compliant to the pre-requisites of
+# GOsa as in Debian Edu squeeze.
+#
+# This script depends on package smbldap-tools (i.e. on its
+# smbldap_tool.pm).
+#
+# Modifcations have been done by several people, initially by
+# Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
+#
+
# This code was developped by Jerome Tournier (jtournier@gmail.com) and
# contributors (their names can be found in the CONTRIBUTORS file).
@@ -34,8 +46,42 @@
use Getopt::Std;
my %Options;
+# success = add_posix_machine($user, $uid, $gid)
+sub add_posix_machine_gosa {
+ my ( $user, $uid, $gid, $wait ) = @_;
+ if ( !defined $wait ) {
+ $wait = 0;
+ }
+
+ # bind to a directory with dn and password
+ my $add = $smbldap_tools::ldap->add(
+ "uid=$user,$config{computersdn}",
+ attr => [
+
+ 'objectclass' => ['top', 'person',
'organizationalPerson', 'inetOrgPerson', 'posixAccount',
'gotoWorkstation'],
+ #'objectclass' => [ 'top', 'account', 'posixAccount' ], + 'cn' => "$user", + + 'sn' => "$user", + 'uid' => "$user", + 'uidNumber' => "$uid", + 'gidNumber' => "$gid", + 'homeDirectory' => '/dev/null', + 'loginShell' => '/bin/false', + 'description' => 'Computer', + 'gecos' => 'Computer', + 'sn' => 'Computer', + ] + ); + + $add->code && warn "failed to add entry: ", $add->error; + sleep($wait); + return 1; +} + + my $ok =- getopts( 'o:abnmwWiPG:u:g:d:s:c:k:t:A:B:C:D:E:F:H:L:M:N:S:T:?', \%Options ); + getopts( 'o:abnmwWiPG:u:g:d:s:c:k:t:A:B:C:D:E:F:H:L:M:N:S:T:Z:?', \%Options );
if ( ( !$ok ) || ( @ARGV < 1 ) || ( $Options{'?'} ) ) {
print_banner;
@@ -304,7 +350,7 @@
}
if (
- !add_posix_machine(
+ !add_posix_machine_gosa(
$userName, $userUidNumber, $userGidNumber, $Options{'t'}
)
)
@@ -342,8 +388,9 @@
changes => [
replace => [
objectClass =>
- [ 'posixAccount', 'account', 'sambaSAMAccount' ]
+ [ 'top', 'posixAccount', 'person',
'organizationalPerson', 'inetOrgPerson', 'gosaAccount',
'sambaSamAccount', 'shadowAccount' ]
],
+ add => [ sn => 'Computer' ],
add => [ sambaLogonTime => '0' ],
add => [ sambaLogoffTime => '2147483647' ],
add => [ sambaKickoffTime => '2147483647' ],
@@ -367,8 +414,9 @@
changes => [
replace => [
objectClass =>
- [ 'posixAccount', 'account', 'sambaSAMAccount' ]
+ [ 'top', 'posixAccount', 'person',
'organizationalPerson', 'inetOrgPerson', 'gosaAccount',
'sambaSamAccount', 'shadowAccount' ]
],
+ add => [ sn => 'Computer' ],
add => [ sambaLogonTime => '0' ],
add => [ sambaLogoffTime => '2147483647' ],
add => [ sambaKickoffTime => '2147483647' ],
"""
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfbAttachment:
pgp00n6kGXoYz.pgp
Description: Digitale PGP-Unterschrift