Add user and group using smbldap-useradd and smbldap-groupadd
smbldap-useradd is the scripts for adding users, the parameters available is as follow: | option | definition | example | default value | | -a | create a Windows account. Otherwise, only a Posix account is created | | | | -w | create a Windows Workstation account | | | | -i | create an interdomain trust account. See section 4.4 for more details | | | | -u | set a uid value | -u 1003 | first uid available | | -g | set a gid value | -g 1003 | first gid available | | -G | add the new account to one or several supplementary groups (comma-separated) | -G 512,550 | | | -d | set the home directory | -d /var/user | $userHomePrefix/user | | -s | set the login shell | -s /bin/ksh | $userLoginShell | | -c | set the user gecos | -c "admin user" | $userGecos | | -m | creates user's home directory and copies /etc/skel into it | | | | -k | set the skeleton dir (with -m) | -k /etc/skel2 | $skeletonDir | | -P | ends by invoking smbldap-passwd to set the user's password | | | | -A | user can change password ? 0 if no, 1 if yes | -A 1 | | | -B | user must change password at first session ? 0 if no, 1 if yes | -B 1 | | | -C | set the samba home share | -C \\PDC\homes | $userSmbHome | | -D | set a letter associated with the home share | -D H: | $userHomeDrive | | -E | set DOS script to execute on login | -E common.bat | $userScript | | -F | set the profile directory | -F \\PDC\profiles\user | $userProfile | | -H | set the samba account control bits like'[NDHTUMWSLKI]' | -H [X] | | | -N | set the canonical name of the user | | | | -S | set the surname of the user | | | | -M | local mailAddress (comma seperated) | -M testuser,aliasuser | | | -T | forward mail address (comma seperated) | -T testuser@domain.org | |
smbldap-groupadd will add a group to the ldap directory, the following is its parameters:
| option | definition | example | | -a | add automatic group mapping entry | | | -g gid | set the gidNumer for this group to gid | -g 1002 | | -o | gidNumber is not unique | | | -r group-rid | set the rid of the group to group-rid | -r 1002 | | -s group-sid | set the sid of the group to group-sid | -s S-1-5-21-3703471949-3718591838-2324585696-1002 | | -t group-type | set the sambaGroupType to group-type | -t 2 | | -p | print the gidNumber to stdout | |
The two script are often combined together to add a new user and assign it to a group. Here we present several scenario that the command can be used:
Add a linux userTo add a linux user named user1 to the directory:
smbldap-groupadd user1
smbldap-useradd -g "user1" -m user1
smbldap-passwd user1
Add a windows userTo add a windows user named user2, who belongs to the default group (513, system user) and doesn't have a login shell and a home directory /dev/null to the directory:
smbldap-useradd -a -m -s /bin/false -d /dev/null -F "" -P user2
To add a user named user 3 who is both a windows and linux user:
smbldap-groupadd user3
smbldap-useradd -a -g "user3" -m -P user3
Add a system userTo add a system user named nagios, which belongs to the group nagios and does not have a login shell and home directory:
smbldap-groupadd nagios
smbldap-useradd -s /bin/false -g "nagios" nagios
Add a windows machineA windows machine can be added into the directory for it to join the domain:
smbldap-useradd -w computer1
Change password
Password can be changed using the normal linux passwd command. passwd |
|