Listing user...

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Listing user...

Samba - General mailing list

Considering that 'winbind enum users' pose some performance trouble and
it is better to not use it, how can i list my users (considering that
previously i was used to a simple 'getent passwd')?

I can use:

1) pdbedit -L

  Pros: + it list UID and GECOS, if needed.
        + it list also machine account, if needed.

2) wbinfo -u

  Pros: + it list also foreign domain users?

3) samba-tool user list


Generally speaking, having to code some scripts, there's something of
these tools (eg, pdbedit, wbinfo and samba-tool) that have to be
discontinued in the next release of samba?


Thanks.

--
dott. Marco Gaiarin        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

                Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
        (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Listing user...

Samba - General mailing list
On Tue, 3 Oct 2017 18:47:08 +0200
Marco Gaiarin via samba <[hidden email]> wrote:

>
> Considering that 'winbind enum users' pose some performance trouble
> and it is better to not use it, how can i list my users (considering
> that previously i was used to a simple 'getent passwd')?

Why do you need a list of users ?

>
> I can use:
>
> 1) pdbedit -L
>
>   Pros: + it list UID and GECOS, if needed.
>         + it list also machine account, if needed.
>
> 2) wbinfo -u
>
>   Pros: + it list also foreign domain users?
>
> 3) samba-tool user list
>
>
> Generally speaking, having to code some scripts, there's something of
> these tools (eg, pdbedit, wbinfo and samba-tool) that have to be
> discontinued in the next release of samba?

None of the tools you have mentioned will disappear with the next
release of Samba (4.8.0). Removing any of them would mean that they
would have to be marked as deprecated in samba-master. This would mean
that 'deprecation' would only start with 4.9.0 and so would only take
effect when 5.0.0 came out. I cannot see any of then being marked as
deprecated until such time as something better comes along.
 
Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Listing user...

Samba - General mailing list
Mandi! Rowland Penny via samba
  In chel di` si favelave...

> Why do you need a list of users ?

Because?! ;-)

I've coded some script in the past (eg, when i was using OpenLDAP and
samba in NT mode) that do something on the behalf of the users, ad i
was used to do a 'getent passwd' to have the list.


> effect when 5.0.0 came out. I cannot see any of then being marked as
> deprecated until such time as something better comes along.

Ok. Thanks.

--
dott. Marco Gaiarin        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

                Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
        (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Listing user...

Samba - General mailing list
On Wed, 4 Oct 2017 10:54:01 +0200
Marco Gaiarin via samba <[hidden email]> wrote:

> Mandi! Rowland Penny via samba
>   In chel di` si favelave...
>
> > Why do you need a list of users ?
>
> Because?! ;-)
>
> I've coded some script in the past (eg, when i was using OpenLDAP and
> samba in NT mode) that do something on the behalf of the users, ad i
> was used to do a 'getent passwd' to have the list.
>

It is very easy to get a list of users from Samba AD with a simple
script, you could use something like this:

#!/bin/bash

DNSDOMAIN=$(hostname -d)

DC=$(host -t SRV _kerberos._udp.${DNSDOMAIN} | awk '{print $NF}'| sed
's/.$//' | head -n1 | awk -F '.' '{print $1}')

SUFFIX="dc=$(echo "${DNSDOMAIN}" | sed 's|\.|,dc=|g')"

ldbsearch -H ldap://${DC} -P -b "${SUFFIX}" -s sub
"(&(objectClass=user)(!(objectClass=computer)))" samaccountname | grep
sAMAccountName | sed "s|sAMAccountName: ||"

exit 0

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Listing user...

Samba - General mailing list
Mandi! Rowland Penny via samba
  In chel di` si favelave...

> It is very easy to get a list of users from Samba AD with a simple
> script, you could use something like this:

Ahem, probably we have two different concept of 'simple'. ;-)
For me, doing LDAP queries is the last resort.

Anyway, thanks...

--
dott. Marco Gaiarin        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

                Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
        (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Listing user...

Samba - General mailing list
On Wed, 4 Oct 2017 15:39:23 +0200
Marco Gaiarin via samba <[hidden email]> wrote:

> Mandi! Rowland Penny via samba
>   In chel di` si favelave...
>
> > It is very easy to get a list of users from Samba AD with a simple
> > script, you could use something like this:
>
> Ahem, probably we have two different concept of 'simple'. ;-)
> For me, doing LDAP queries is the last resort.
>
> Anyway, thanks...
>

Apart from using ldbsearch instead of ldapsearch, it is a very simple 4
line script. It obtains the dns domain, it then uses this to find a
DC and then searches AD for users
 
As I said easy ;-)

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: Listing user...

Samba - General mailing list
In reply to this post by Samba - General mailing list
On Wed, Oct 04, 2017 at 10:18:10AM +0100, Rowland Penny via samba wrote:

> On Wed, 4 Oct 2017 10:54:01 +0200
> Marco Gaiarin via samba <[hidden email]> wrote:
>
> > Mandi! Rowland Penny via samba
> >   In chel di` si favelave...
> >
> > > Why do you need a list of users ?
> >
> > Because?! ;-)
> >
> > I've coded some script in the past (eg, when i was using OpenLDAP and
> > samba in NT mode) that do something on the behalf of the users, ad i
> > was used to do a 'getent passwd' to have the list.
> >
>
> It is very easy to get a list of users from Samba AD with a simple
> script, you could use something like this:

Cool script Rowland, I've saved it off in my "useful scripts" folder :-).

Thanks,

        Jeremy.

> #!/bin/bash
>
> DNSDOMAIN=$(hostname -d)
>
> DC=$(host -t SRV _kerberos._udp.${DNSDOMAIN} | awk '{print $NF}'| sed
> 's/.$//' | head -n1 | awk -F '.' '{print $1}')
>
> SUFFIX="dc=$(echo "${DNSDOMAIN}" | sed 's|\.|,dc=|g')"
>
> ldbsearch -H ldap://${DC} -P -b "${SUFFIX}" -s sub
> "(&(objectClass=user)(!(objectClass=computer)))" samaccountname | grep
> sAMAccountName | sed "s|sAMAccountName: ||"
>
> exit 0
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba