ActiveSambaLdap 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- data/NEWS.en +40 -0
- data/NEWS.ja +44 -0
- data/README.en +366 -0
- data/README.ja +361 -0
- data/Rakefile +168 -0
- data/bin/asl-groupadd +73 -0
- data/bin/asl-groupadd.help +1 -0
- data/bin/asl-groupdel +61 -0
- data/bin/asl-groupdel.help +1 -0
- data/bin/asl-groupmod +137 -0
- data/bin/asl-groupmod.help +1 -0
- data/bin/asl-groupshow +33 -0
- data/bin/asl-groupshow.help +1 -0
- data/bin/asl-passwd +90 -0
- data/bin/asl-passwd.help +1 -0
- data/bin/asl-populate +101 -0
- data/bin/asl-populate.help +1 -0
- data/bin/asl-purge +26 -0
- data/bin/asl-purge.help +1 -0
- data/bin/asl-samba-computeradd +96 -0
- data/bin/asl-samba-computeradd.help +1 -0
- data/bin/asl-samba-groupadd +57 -0
- data/bin/asl-samba-groupadd.help +1 -0
- data/bin/asl-samba-groupdel +55 -0
- data/bin/asl-samba-groupdel.help +1 -0
- data/bin/asl-samba-groupmod +99 -0
- data/bin/asl-samba-groupmod.help +1 -0
- data/bin/asl-samba-useradd +100 -0
- data/bin/asl-samba-useradd.help +1 -0
- data/bin/asl-samba-userdel +49 -0
- data/bin/asl-samba-userdel.help +1 -0
- data/bin/asl-samba-usermod +94 -0
- data/bin/asl-samba-usermod.help +1 -0
- data/bin/asl-useradd +264 -0
- data/bin/asl-useradd.help +1 -0
- data/bin/asl-userdel +84 -0
- data/bin/asl-userdel.help +1 -0
- data/bin/asl-usermod +335 -0
- data/bin/asl-usermod.help +1 -0
- data/bin/asl-usershow +33 -0
- data/bin/asl-usershow.help +1 -0
- data/lib/active_samba_ldap.rb +42 -0
- data/lib/active_samba_ldap/account_entry.rb +208 -0
- data/lib/active_samba_ldap/base.rb +137 -0
- data/lib/active_samba_ldap/command.rb +100 -0
- data/lib/active_samba_ldap/computer.rb +24 -0
- data/lib/active_samba_ldap/computer_account_entry.rb +34 -0
- data/lib/active_samba_ldap/configuration.rb +333 -0
- data/lib/active_samba_ldap/dc.rb +19 -0
- data/lib/active_samba_ldap/entry.rb +81 -0
- data/lib/active_samba_ldap/get_text_support.rb +12 -0
- data/lib/active_samba_ldap/group.rb +17 -0
- data/lib/active_samba_ldap/group_entry.rb +187 -0
- data/lib/active_samba_ldap/idmap.rb +19 -0
- data/lib/active_samba_ldap/ou.rb +20 -0
- data/lib/active_samba_ldap/populate.rb +257 -0
- data/lib/active_samba_ldap/reloadable.rb +15 -0
- data/lib/active_samba_ldap/samba_account_entry.rb +225 -0
- data/lib/active_samba_ldap/samba_entry.rb +26 -0
- data/lib/active_samba_ldap/samba_group_entry.rb +143 -0
- data/lib/active_samba_ldap/unix_id_pool.rb +43 -0
- data/lib/active_samba_ldap/user.rb +44 -0
- data/lib/active_samba_ldap/user_account_entry.rb +30 -0
- data/lib/active_samba_ldap/version.rb +3 -0
- data/lib/samba/encrypt.rb +86 -0
- data/misc/rd2html.rb +42 -0
- data/po/ja/active-samba-ldap.po +465 -0
- data/rails/README +30 -0
- data/rails/init.rb +33 -0
- data/rails_generators/scaffold_active_samba_ldap/scaffold_active_samba_ldap_generator.rb +27 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/computer.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/dc.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/group.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/idmap.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/ldap.yml +24 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/ou.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_controller.rb +12 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_helper.rb +2 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_index.rhtml +17 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_populate.rhtml +15 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/samba_purge.rhtml +10 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/unix_id_pool.rb +3 -0
- data/rails_generators/scaffold_active_samba_ldap/templates/user.rb +3 -0
- data/setup.rb +1585 -0
- data/test-unit/History.txt +107 -0
- data/test-unit/README.txt +52 -0
- data/test-unit/Rakefile +40 -0
- data/test-unit/TODO +5 -0
- data/test-unit/bin/testrb +5 -0
- data/test-unit/lib/test/unit.rb +342 -0
- data/test-unit/lib/test/unit/assertionfailederror.rb +14 -0
- data/test-unit/lib/test/unit/assertions.rb +1149 -0
- data/test-unit/lib/test/unit/attribute.rb +125 -0
- data/test-unit/lib/test/unit/autorunner.rb +329 -0
- data/test-unit/lib/test/unit/collector.rb +43 -0
- data/test-unit/lib/test/unit/collector/descendant.rb +23 -0
- data/test-unit/lib/test/unit/collector/dir.rb +108 -0
- data/test-unit/lib/test/unit/collector/load.rb +135 -0
- data/test-unit/lib/test/unit/collector/objectspace.rb +34 -0
- data/test-unit/lib/test/unit/color-scheme.rb +86 -0
- data/test-unit/lib/test/unit/color.rb +96 -0
- data/test-unit/lib/test/unit/diff.rb +538 -0
- data/test-unit/lib/test/unit/error.rb +124 -0
- data/test-unit/lib/test/unit/exceptionhandler.rb +39 -0
- data/test-unit/lib/test/unit/failure.rb +110 -0
- data/test-unit/lib/test/unit/fixture.rb +176 -0
- data/test-unit/lib/test/unit/notification.rb +125 -0
- data/test-unit/lib/test/unit/omission.rb +143 -0
- data/test-unit/lib/test/unit/pending.rb +146 -0
- data/test-unit/lib/test/unit/priority.rb +181 -0
- data/test-unit/lib/test/unit/runner/console.rb +52 -0
- data/test-unit/lib/test/unit/runner/emacs.rb +8 -0
- data/test-unit/lib/test/unit/testcase.rb +425 -0
- data/test-unit/lib/test/unit/testresult.rb +89 -0
- data/test-unit/lib/test/unit/testsuite.rb +110 -0
- data/test-unit/lib/test/unit/ui/console/outputlevel.rb +14 -0
- data/test-unit/lib/test/unit/ui/console/testrunner.rb +223 -0
- data/test-unit/lib/test/unit/ui/emacs/testrunner.rb +49 -0
- data/test-unit/lib/test/unit/ui/testrunner.rb +20 -0
- data/test-unit/lib/test/unit/ui/testrunnermediator.rb +77 -0
- data/test-unit/lib/test/unit/ui/testrunnerutilities.rb +41 -0
- data/test-unit/lib/test/unit/util/backtracefilter.rb +41 -0
- data/test-unit/lib/test/unit/util/method-owner-finder.rb +28 -0
- data/test-unit/lib/test/unit/util/observable.rb +90 -0
- data/test-unit/lib/test/unit/util/procwrapper.rb +48 -0
- data/test-unit/lib/test/unit/version.rb +7 -0
- data/test-unit/sample/adder.rb +13 -0
- data/test-unit/sample/subtracter.rb +12 -0
- data/test-unit/sample/tc_adder.rb +18 -0
- data/test-unit/sample/tc_subtracter.rb +18 -0
- data/test-unit/sample/test_user.rb +22 -0
- data/test-unit/sample/ts_examples.rb +7 -0
- data/test-unit/test/collector/test-descendant.rb +135 -0
- data/test-unit/test/collector/test-load.rb +333 -0
- data/test-unit/test/collector/test_dir.rb +406 -0
- data/test-unit/test/collector/test_objectspace.rb +98 -0
- data/test-unit/test/run-test.rb +13 -0
- data/test-unit/test/test-attribute.rb +86 -0
- data/test-unit/test/test-color-scheme.rb +56 -0
- data/test-unit/test/test-color.rb +47 -0
- data/test-unit/test/test-diff.rb +477 -0
- data/test-unit/test/test-emacs-runner.rb +60 -0
- data/test-unit/test/test-fixture.rb +287 -0
- data/test-unit/test/test-notification.rb +33 -0
- data/test-unit/test/test-omission.rb +81 -0
- data/test-unit/test/test-pending.rb +70 -0
- data/test-unit/test/test-priority.rb +119 -0
- data/test-unit/test/test-testcase.rb +507 -0
- data/test-unit/test/test_assertions.rb +1082 -0
- data/test-unit/test/test_error.rb +26 -0
- data/test-unit/test/test_failure.rb +33 -0
- data/test-unit/test/test_testresult.rb +113 -0
- data/test-unit/test/test_testsuite.rb +129 -0
- data/test-unit/test/testunit-test-util.rb +14 -0
- data/test-unit/test/ui/test_testrunmediator.rb +20 -0
- data/test-unit/test/util/test-method-owner-finder.rb +38 -0
- data/test-unit/test/util/test_backtracefilter.rb +41 -0
- data/test-unit/test/util/test_observable.rb +102 -0
- data/test-unit/test/util/test_procwrapper.rb +36 -0
- data/test/asl-test-utils.rb +276 -0
- data/test/command.rb +67 -0
- data/test/config.yaml.sample +17 -0
- data/test/run-test.rb +20 -0
- data/test/test_asl_groupadd.rb +69 -0
- data/test/test_asl_groupdel.rb +88 -0
- data/test/test_asl_groupmod.rb +259 -0
- data/test/test_asl_groupshow.rb +21 -0
- data/test/test_asl_passwd.rb +126 -0
- data/test/test_asl_populate.rb +92 -0
- data/test/test_asl_purge.rb +21 -0
- data/test/test_asl_useradd.rb +712 -0
- data/test/test_asl_userdel.rb +75 -0
- data/test/test_asl_usermod.rb +549 -0
- data/test/test_asl_usershow.rb +27 -0
- data/test/test_entry.rb +21 -0
- data/test/test_group.rb +21 -0
- data/test/test_password.rb +51 -0
- data/test/test_samba_encrypt.rb +35 -0
- data/test/test_user_home_directory.rb +43 -0
- metadata +314 -0
data/NEWS.en
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
= NEWS.en
|
2
|
+
|
3
|
+
$Id: NEWS.en 163 2009-07-12 03:10:44Z kou $
|
4
|
+
|
5
|
+
== 0.0.7: 2009-07-18
|
6
|
+
|
7
|
+
* Supported ActiveLdap 1.1.0.
|
8
|
+
|
9
|
+
== 0.0.6: 2008-06-18
|
10
|
+
|
11
|
+
* Supported ActiveLdap 1.0.1.
|
12
|
+
* Supported ActiveSupport 2.1.0.
|
13
|
+
|
14
|
+
== 0.0.5: 2007-11-19
|
15
|
+
|
16
|
+
* Supported Ruby/ActiveLdap 0.9.0.
|
17
|
+
|
18
|
+
== 0.0.4: 2007-09-16
|
19
|
+
|
20
|
+
* Supported Ruby/ActiveLdap 0.8.3.1.
|
21
|
+
* Supported Ruby-GetText-Package.
|
22
|
+
* scaffold_asl -> scaffold_active_samba_ldap
|
23
|
+
* Improved Rails support.
|
24
|
+
|
25
|
+
== 0.0.3: 2007-05-26
|
26
|
+
|
27
|
+
* Fixed a typo of Ruby/ActiveLDAP's RubyGems name.
|
28
|
+
* Supported Ruby/AtiveLDAP 0.8.2.
|
29
|
+
* Integrated ActiveLdap::User, ActiveLdap::Computer and ActiveLdap::Group
|
30
|
+
with ActiveLdap::SambaUser, ActiveLdap::SambaComputer and
|
31
|
+
ActiveLdap::SambaGroup.
|
32
|
+
|
33
|
+
== 0.0.2: 2007-01-29
|
34
|
+
|
35
|
+
* Supported ActiveSupport 1.4.0.
|
36
|
+
* Fixed a typo of Ruby/ActiveLDAP's RubyGems name.
|
37
|
+
|
38
|
+
== 0.0.1: 2006-11-17
|
39
|
+
|
40
|
+
* Initial release.
|
data/NEWS.ja
ADDED
@@ -0,0 +1,44 @@
|
|
1
|
+
= NEWS.ja
|
2
|
+
|
3
|
+
$Id: NEWS.ja 163 2009-07-12 03:10:44Z kou $
|
4
|
+
|
5
|
+
== 0.0.7: 2009-07-18
|
6
|
+
|
7
|
+
* ActiveLdap 1.1.0対応。
|
8
|
+
|
9
|
+
== 0.0.6: 2008-06-18
|
10
|
+
|
11
|
+
* ActiveLdap 1.0.1対応。
|
12
|
+
* ActiveSupport 2.1.0対応。
|
13
|
+
|
14
|
+
== 0.0.5: 2007-11-19
|
15
|
+
|
16
|
+
* Ruby/ActiveLdap 0.9.0対応。
|
17
|
+
|
18
|
+
== 0.0.4: 2007-09-16
|
19
|
+
|
20
|
+
* Ruby/ActiveLdap 0.8.3.1対応。
|
21
|
+
* Ruby-GetText-Package対応。
|
22
|
+
* scaffold_asl -> scaffold_active_samba_ldap
|
23
|
+
* Rails対応を強化。
|
24
|
+
|
25
|
+
== 0.0.3: 2007-05-26
|
26
|
+
|
27
|
+
* Ruby/ActiveLDAPのRubyGems名を修正.
|
28
|
+
* Ruby/ActiveLDAP 0.8.2対応。
|
29
|
+
* ActiveSambaLdap::SambaUser,
|
30
|
+
ActiveSambaLdap::SambaComputer,
|
31
|
+
ActiveSambaLdap::SambaGroupを廃止し、
|
32
|
+
ActiveSambaLdap::User,
|
33
|
+
ActiveSambaLdap::Computer,
|
34
|
+
ActiveSambaLdap::Groupへ一本化。
|
35
|
+
|
36
|
+
== 0.0.2: 2007-01-29
|
37
|
+
|
38
|
+
* ActiveSupport 1.4.0のサポート.
|
39
|
+
* Ruby/ActiveLDAPのRubyGems名を修正.
|
40
|
+
|
41
|
+
== 0.0.1: 2006-11-17
|
42
|
+
|
43
|
+
* 最初のリリース.
|
44
|
+
|
data/README.en
ADDED
@@ -0,0 +1,366 @@
|
|
1
|
+
= README.en
|
2
|
+
|
3
|
+
$Id: README.en 160 2009-07-11 00:43:32Z kou $
|
4
|
+
|
5
|
+
== Name
|
6
|
+
|
7
|
+
ActiveSambaLdap
|
8
|
+
|
9
|
+
== Description
|
10
|
+
|
11
|
+
ActiveSambaLdap is a library and a management tool for Samba +
|
12
|
+
LDAP environment.
|
13
|
+
|
14
|
+
ActiveSambaLdap provides object-oriented API to manipulate
|
15
|
+
LDAP entry for Samba. ActiveSambaLdap also provides
|
16
|
+
command-line tools to replace smbldap-tools written by Perl.
|
17
|
+
|
18
|
+
== Author
|
19
|
+
|
20
|
+
Kouhei Sutou <tt><kou@clear-code.com></tt>
|
21
|
+
|
22
|
+
== Licence
|
23
|
+
|
24
|
+
Ruby's.
|
25
|
+
|
26
|
+
== Dependency libraries
|
27
|
+
|
28
|
+
* ActiveLdap >= 1.1.0
|
29
|
+
|
30
|
+
== Install
|
31
|
+
|
32
|
+
% sudo gem install activesambaldap
|
33
|
+
|
34
|
+
== Mailing list
|
35
|
+
|
36
|
+
asl-devel@rubyforge.org
|
37
|
+
|
38
|
+
http://rubyforge.org/mailman/listinfo/asl-devel/
|
39
|
+
|
40
|
+
== Reference manual
|
41
|
+
|
42
|
+
http://asl.rubyforge.org/activesambaldap/
|
43
|
+
|
44
|
+
== Usage
|
45
|
+
|
46
|
+
=== Use with Rails
|
47
|
+
|
48
|
+
First, install ActiveSambaLdap plugin for Rails. And modify
|
49
|
+
the following URL because the URL is for trunk.
|
50
|
+
|
51
|
+
% script/plugin install svn://rubyforge.org/var/svn/asl/trunk/rails/plugin/active_samba_ldap
|
52
|
+
|
53
|
+
Next, scaffold the environment of ActiveSambaLdap for Rails.
|
54
|
+
|
55
|
+
% script/generate scaffold_active_samba_ldap
|
56
|
+
|
57
|
+
Modify config/ldap.yml generated by
|
58
|
+
scaffold_active_samba_ldap to adapt to your environment. See
|
59
|
+
"Options in configuration file" section to find available
|
60
|
+
options.
|
61
|
+
|
62
|
+
==== Populate
|
63
|
+
|
64
|
+
First, need to populate your Samba + LDAP environment.
|
65
|
+
Access http://localhost:3000/samba after invoking Rails by
|
66
|
+
script/server and so on. And populate your Samba + LDAP
|
67
|
+
environment by following "Populate Samba + LDAP environment"
|
68
|
+
link.
|
69
|
+
|
70
|
+
And you can development your applications with
|
71
|
+
User/Computer/Group classes. You can develop like with
|
72
|
+
ActiveRecord.
|
73
|
+
|
74
|
+
=== Use from command line
|
75
|
+
|
76
|
+
Use asl-* commands. You'll don't use asl-samba-* commands
|
77
|
+
from command line because they are for smb.conf.
|
78
|
+
|
79
|
+
==== Configuration
|
80
|
+
|
81
|
+
First, modify configuration file to adapt to your
|
82
|
+
environment. You can confirm default configuration files by
|
83
|
+
invoking asl-* commands with --help option. For example, you
|
84
|
+
can use asl-populate.
|
85
|
+
|
86
|
+
% asl-populate --help
|
87
|
+
...
|
88
|
+
--config=CONFIG Specify configuration file
|
89
|
+
Default configuration files:
|
90
|
+
/etc/activesambaldap/config.yaml
|
91
|
+
/etc/activesambaldap/bind.yaml
|
92
|
+
/home/kou/.activesambaldap.conf
|
93
|
+
/home/kou/.activesambaldap.bind
|
94
|
+
...
|
95
|
+
|
96
|
+
Configuration files are read from the above files to the
|
97
|
+
below files. Configurations are overridden by latter
|
98
|
+
configuration files. In the above example, configuration
|
99
|
+
files are read by the following order:
|
100
|
+
|
101
|
+
* /etc/activesambaldap/config.yaml
|
102
|
+
* /etc/activesambaldap/bind.yaml
|
103
|
+
* /home/kou/.activesambaldap.conf
|
104
|
+
* /home/kou/.activesambaldap.bind
|
105
|
+
|
106
|
+
The reason why bind.yaml and *.bind are read after
|
107
|
+
config.yaml and *.conf is for security. You should write
|
108
|
+
opened configurations (host name, port number and so on)
|
109
|
+
into config.yaml and *.conf, closed configurations (user
|
110
|
+
name, password and so on) into bind.yaml and *.bind. And you
|
111
|
+
should set suitable permission to bind.yaml and *.bind.
|
112
|
+
|
113
|
+
==== Format of configuration file
|
114
|
+
|
115
|
+
Use YAML format. There are three sections:
|
116
|
+
|
117
|
+
update:
|
118
|
+
# configurations for updating LDAP entries
|
119
|
+
...
|
120
|
+
|
121
|
+
reference:
|
122
|
+
# configurations for referring LDAP entries
|
123
|
+
...
|
124
|
+
|
125
|
+
common:
|
126
|
+
# configurations to share for updating/referring
|
127
|
+
...
|
128
|
+
|
129
|
+
For example:
|
130
|
+
|
131
|
+
common:
|
132
|
+
sid: S-1-5-21-915876905-2926214379-2876160357
|
133
|
+
base: dc=samba,dc=local,dc=net
|
134
|
+
host: localhost
|
135
|
+
method: :tls
|
136
|
+
|
137
|
+
update:
|
138
|
+
bind_dn: cn=admin,dc=local,dc=net
|
139
|
+
password: admin
|
140
|
+
|
141
|
+
reference:
|
142
|
+
allow_anonymous: true
|
143
|
+
|
144
|
+
It's best that you write 'password' configuration into
|
145
|
+
bind.yaml *.bind.
|
146
|
+
|
147
|
+
You must configure 'base'. And you should configure
|
148
|
+
'sid'. You can find your SID by the following command:
|
149
|
+
|
150
|
+
% sudo net getlocalsid
|
151
|
+
|
152
|
+
It's inefficiency that sid isn't configured because 'net
|
153
|
+
getlocalsid' is invoked each time.
|
154
|
+
|
155
|
+
==== Options in configuration file
|
156
|
+
|
157
|
+
The following options are available:
|
158
|
+
|
159
|
+
[_base_]
|
160
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
161
|
+
[_host_]
|
162
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
163
|
+
[_port_]
|
164
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
165
|
+
[_scope_]
|
166
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
167
|
+
[_bind_dn_]
|
168
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
169
|
+
[_password_]
|
170
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
171
|
+
[_method_]
|
172
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
173
|
+
[_allow_anonymous_]
|
174
|
+
Same as the option of ActiveLdap::Base.setup_connection.
|
175
|
+
|
176
|
+
[_sid_]
|
177
|
+
SID(Security Identifier) of your Samba server.
|
178
|
+
[_smb_conf_]
|
179
|
+
The path of smb.conf for your Samba server.
|
180
|
+
[_samba_domain_]
|
181
|
+
Domain name of your Samba server.
|
182
|
+
[_samba_netbios_name_]
|
183
|
+
NetBIOS name of your Samba server.
|
184
|
+
|
185
|
+
[_password_hash_type_]
|
186
|
+
Algorithm for hashing password in LDAP. Available
|
187
|
+
algorithms are +:crypt+, +:md5+, +:smd5+, +:sha+ and
|
188
|
+
+:ssha+.
|
189
|
+
|
190
|
+
Password in LDAP is used for recognition in UNIX not Samba.
|
191
|
+
|
192
|
+
Default algorithm: +:ssha+
|
193
|
+
|
194
|
+
[_users_suffix_]
|
195
|
+
Tree for user entries in LDAP. Specify relative path for
|
196
|
+
base.
|
197
|
+
|
198
|
+
For example: <tt>"ou=Users"</tt>
|
199
|
+
|
200
|
+
[_groups_suffix_]
|
201
|
+
Tree for group entries in LDAP. Specify relative path for
|
202
|
+
base.
|
203
|
+
|
204
|
+
For example: <tt>"ou=Groups"</tt>
|
205
|
+
|
206
|
+
[_computers_suffix_]
|
207
|
+
Tree for computer entries in LDAP. Specify relative path for
|
208
|
+
base.
|
209
|
+
|
210
|
+
For example: <tt>"ou=Computers"</tt>
|
211
|
+
|
212
|
+
[_idmap_suffix_]
|
213
|
+
Tree for idmap entries in LDAP. Specify relative path for
|
214
|
+
base.
|
215
|
+
|
216
|
+
For example: <tt>"ou=Idmap"</tt>
|
217
|
+
|
218
|
+
[_start_uid_]
|
219
|
+
UID (User Identifier) for making new user. Next new
|
220
|
+
user's default UID is incremented after making new
|
221
|
+
user.
|
222
|
+
|
223
|
+
Default: <tt>10000</tt>
|
224
|
+
|
225
|
+
[_start_gid_]
|
226
|
+
GID (Group Identifier) for making new group. Next new
|
227
|
+
group's default GID is incremented after making new
|
228
|
+
group.
|
229
|
+
|
230
|
+
Default: <tt>10000</tt>
|
231
|
+
|
232
|
+
[_user_login_shell_]
|
233
|
+
Default login shell for new user.
|
234
|
+
|
235
|
+
Default: <tt>"/bin/false"</tt>
|
236
|
+
|
237
|
+
[_user_home_directory_]
|
238
|
+
Default home directory for new user. %U is substituted
|
239
|
+
with the user name.
|
240
|
+
|
241
|
+
Default: <tt>"/home/%U"<tt>
|
242
|
+
[_user_home_directory_mode_]
|
243
|
+
Default permission of user's home directory.
|
244
|
+
|
245
|
+
Default: <tt>0755</tt> (octal notation)
|
246
|
+
|
247
|
+
[_user_gecos_]
|
248
|
+
Default GECOS field value for new user. %U is substituted
|
249
|
+
with user name.
|
250
|
+
|
251
|
+
[_user_home_unc_]
|
252
|
+
Default path for user's home in Windows. The path should
|
253
|
+
be specified by UNC (Universal Naming Convention). %U is
|
254
|
+
substituted with user name.
|
255
|
+
|
256
|
+
Default: <tt>"\\\\NetBIOS name of your Samba server\\%U"</tt>.
|
257
|
+
|
258
|
+
[_user_profile_]
|
259
|
+
Default path of user profile specified by
|
260
|
+
UNC (Universal Naming Convention). %U is substituted by
|
261
|
+
the user name.
|
262
|
+
|
263
|
+
Default: <tt>"\\\\NetBIOS name Samba server\\profiles\\%U"</tt>
|
264
|
+
|
265
|
+
[_user_home_drive_]
|
266
|
+
Default drive name of user's home.
|
267
|
+
|
268
|
+
Default: <tt>"H:"<tt>
|
269
|
+
|
270
|
+
[_user_logon_script_]
|
271
|
+
Default script name that is invoked when user
|
272
|
+
logon.
|
273
|
+
|
274
|
+
Default: <tt>"logon.bat"</tt>
|
275
|
+
|
276
|
+
[_skeleton_directory_]
|
277
|
+
Default skeleton directory for making user's home
|
278
|
+
directory.
|
279
|
+
|
280
|
+
Default: <tt>"/etc/skel"</tt>
|
281
|
+
|
282
|
+
[_default_user_gid_]
|
283
|
+
Default GID of group to which user belongs.
|
284
|
+
|
285
|
+
Default: <tt>"Domain Users"</tt> group
|
286
|
+
|
287
|
+
[_default_computer_gid_]
|
288
|
+
Default GID of group to which computer belongs.
|
289
|
+
|
290
|
+
Default: <tt>"Domain Computers"</tt> group
|
291
|
+
|
292
|
+
==== Populate
|
293
|
+
|
294
|
+
You need to populate your Samba + LDAP environment by
|
295
|
+
invoking asl-populate before administrate your Samba + LDAP
|
296
|
+
with asl-*.
|
297
|
+
|
298
|
+
% sudo asl-populate
|
299
|
+
|
300
|
+
You can use the following command if you don't need to root
|
301
|
+
authorization. (root authorization check may be needed...)
|
302
|
+
|
303
|
+
% fakeroot asl-populate
|
304
|
+
|
305
|
+
==== Administrate
|
306
|
+
|
307
|
+
Use asl-user*, asl-group*, asl-populate,
|
308
|
+
asl-purge and asl-password. Use --help options for more detail.
|
309
|
+
|
310
|
+
==== Configuration of smb.conf
|
311
|
+
|
312
|
+
You need to configure you smb.conf like the following if you
|
313
|
+
want to administrate with
|
314
|
+
Srvtools[http://support.microsoft.com/kb/173673/]
|
315
|
+
from Windows or make Samba server domain controller.
|
316
|
+
Use asl-samba-* for those propose.
|
317
|
+
|
318
|
+
passdb backend = ldapsam:ldap://127.0.0.0
|
319
|
+
ldap admin dn = cn=admin,dc=local,dc=net
|
320
|
+
ldap suffix = dc=samba,dc=local,dc=net
|
321
|
+
ldap user suffix = ou=Users
|
322
|
+
ldap group suffix = ou=Groups
|
323
|
+
ldap machine suffix = ou=Computers
|
324
|
+
ldap idmap suffix = ou=Idmap
|
325
|
+
ldap passwd sync = yes
|
326
|
+
|
327
|
+
admin users = "@Domain Admins"
|
328
|
+
add user script = /.../asl-samba-useradd "%u"
|
329
|
+
delete user script = /.../asl-samba-userdel "%u"
|
330
|
+
add group script = /.../asl-samba-groupadd "%g"
|
331
|
+
delete group script = /.../asl-samba-groupdel "%g"
|
332
|
+
add user to group script = /.../asl-samba-groupmod "%g" --add-members "%u"
|
333
|
+
delete user from group script = /.../asl-samba-groupmod "%g" --delete-members "%u"
|
334
|
+
set primary group script = /.../asl-samba-usermod "%u" --gid "%g"
|
335
|
+
add machine script = /.../asl-samba-computeradd "%u"
|
336
|
+
|
337
|
+
You need to set LDAP administrator password by the following
|
338
|
+
command before invoke your Samba server.
|
339
|
+
|
340
|
+
% sudo /usr/bin/smbpasswd -W
|
341
|
+
|
342
|
+
== Trouble shootings
|
343
|
+
|
344
|
+
=== Groups aren't listed
|
345
|
+
|
346
|
+
You can list groups by the following command:
|
347
|
+
|
348
|
+
% net rpc group list --user=USER_NAME
|
349
|
+
|
350
|
+
If no groups listed by the above command after you execute
|
351
|
+
asl-populate, please confirm the following:
|
352
|
+
|
353
|
+
* Is your samba.schema old?
|
354
|
+
|
355
|
+
If your sambaSID entry in your samba.schema doesn't have
|
356
|
+
the following configuration, your samba.schema may be old.
|
357
|
+
Please update your samba.schema.
|
358
|
+
|
359
|
+
SUBSTR caseExactIA5SubstringsMatch
|
360
|
+
|
361
|
+
== Thanks
|
362
|
+
|
363
|
+
* Henrik Krög: He reported some bugs.
|
364
|
+
* Olivier DIRRENBERGER: He reported a bug.
|
365
|
+
* Francesco Malvezzi: He reported some bugs.
|
366
|
+
* Kazuhiro NISHIYAMA: He reported some bugs.
|