Quantcast

Rename Samba 4 Users

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Rename Samba 4 Users

Samba - General mailing list
Hi guys!

Do you know if there is a away to rename a list of samba 4 user accounts ?

I need to change a list of 2000 users from "login name" to a "login number"
i would not like to do this one by one.

I know that in windows server i can do using powershell script, but it
doesn´t work with samba.

If you have any ideia on how to do this i appreciate.

Thanks!!

--

-------------------------------------------
Edson Tadeu Almeida Silveira
http://sites.google.com/site/edsontadeu/
-------------------------------------------
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Rename Samba 4 Users

Samba - General mailing list
On Mon, 13 Mar 2017 14:35:00 -0300
Edson Tadeu Almeida da Silveira via samba <[hidden email]> wrote:

> Hi guys!
>
> Do you know if there is a away to rename a list of samba 4 user
> accounts ?
>
> I need to change a list of 2000 users from "login name" to a "login
> number" i would not like to do this one by one.
>
> I know that in windows server i can do using powershell script, but it
> doesn´t work with samba.
>
> If you have any ideia on how to do this i appreciate.
>
> Thanks!!
>

You could write a script around ldbrename, see 'man ldbrename'

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Rename Samba 4 Users

Samba - General mailing list
On Tue, 21 Mar 2017 16:23:13 -0300
Edson Tadeu Almeida da Silveira <[hidden email]> wrote:

> Hi Rowland.
>
> After change users name and properties i had a problem when searching
> them with windows administration tool.
>
> All users that i have changed i cant find with search tool.
>
> Do you known if there is something i can do?
>
> Thanks!!!

Not sure, did they actually rename ?
I take it you tried with just one for a start

I have just tried it myself and it works for me:

ldbrename -H /usr/local/samba/private/sam.ldb CN=User8,CN=Users,DC=test,DC=tld CN=User20,CN=Users,DC=test,DC=tld
Renamed 1 record

Created an ldif

/tmp/user.ldif

dn: CN=User20,CN=Users,DC=test,DC=tld
changetype: modify
-
replace: sAMAccountName
sAMAccountName: User20
-
replace: userPrincipalName
userPrincipalName: [hidden email]

I didn't bother trying to change the 'cn' to itself ;-)

I then ran ldbmodify on the ldif:

ldbmodify -H /usr/local/samba/private/sam.ldb /tmp/user.ldif

Try to find the user by its new name:

ldbsearch -H /usr/local/samba/private/sam.ldb -b CN=Users,DC=test,DC=tld -s sub '(samaccountname=User20)'

dn: CN=User20,CN=Users,DC=test,DC=tld
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
instanceType: 4
whenCreated: 20170318131326.0Z
uSNCreated: 3840
objectGUID: 02149d6b-a6a7-43fc-bf1e-3de5b6cb0c3d
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 513
objectSid: S-1-5-21-799899434-4025241831-2425910908-1110
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountType: 805306368
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=test,DC=tld
uid: User8
uidNumber: 10006
gidNumber: 10000
gecos: User8
loginShell: /bin/bash
unixHomeDirectory: /home/User8
msSFU30NisDomain: test
msSFU30Name: User8
unixUserPassword: ABCD!efgh12345$67890
pwdLastSet: 131343164067988970
userAccountControl: 512
cn: User20
name: User20
sAMAccountName: User20
userPrincipalName: [hidden email]
whenChanged: 20170321195521.0Z
uSNChanged: 3890
distinguishedName: CN=User20,CN=Users,DC=test,DC=tld

# returned 1 records
# 1 entries
# 0 referrals

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Rename Samba 4 Users

Samba - General mailing list
On Tue, 21 Mar 2017 21:12:03 -0300
Edson Tadeu Almeida da Silveira <[hidden email]> wrote:

> When i use ldbrename and ldbmodify without set "cn: " in my ldif, the
> "cn" field don't change.

That might be your problem, you do not use an ldif with ldbrename, the
command is:

ldbrename -H /usr/local/samba/private/sam.ldb \
CN=ldap05,CN=Users,DC=samdom,DC=example,DC=com \
CN=User20,CN=Users,DC=samdom,DC=example,DC=com

i.e. ldbrename -H /path/to/sam.ldb users_old_dn users_new_dn

You need to run this on the DC.

This will change the 'cn' as well, it has to, because 'cn' has to be the
same as the first part of the user DN, in this case 'CN=ldap05' or to be
even more blunt, look at the first two letters of 'CN=ldap05'

>
> This is because i set it in file.ldif.

You do not need 'cn' in the secondary ldif, you just need something like
this:

dn: CN=User20,CN=Users,DC=samdom,DC=example,DC=com
changetype: modify
-
replace: displayName
displayName: User20
-
replace: sAMAccountName
sAMAccountName: User20
-
replace: msSFU30Name
msSFU30Name: User20
-
replace: userPrincipalName
userPrincipalName: [hidden email]

i.e. the users new DN and any attributes that require changing.

>
> But the problem is after this change, i go to ADUC and try to search
> this renamed user and it didn't give any return to me.

It should, have you tried refreshing the view ?

> Beside that,
> its look like the users lose their group relation when renaming using
> shell.

They shouldn't, the link should be updated.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Rename Samba 4 Users

Samba - General mailing list
On Wed, 22 Mar 2017 07:13:59 -0300
Edson Tadeu Almeida da Silveira <[hidden email]> wrote:

> So...
>
> It´s appears not to working for me. I´m doing exactly this:
>
> ldbrename -H tdb://samba/private/sam.ldb.d/DC=DOMAIN,DC=LOCAL.ldb
> "CN=user01,OU=Users,DC=domain,DC=local"
> "CN=user02,OU=Users,DC=domain,DC=local"
> ldbrename -H tdb://samba/private/sam.ldb.d/DC=DOMAIN,DC=LOCAL.ldb
> "CN=user05,OU=Users,DC=domain,DC=local"
> "CN=user06,OU=Users,DC=domain,DC=local"
>
>
> The ldif is only to correct some fields after renaming...
>
> I did all that you have said... do you thing it should be a problem
> with my samba version ? (4.4.10)
>

Well, I am doing (using the info above) this:

ldbrename -H /samba/private/sam.ldb
CN=user01,OU=Users,DC=domain,DC=local
CN=user02,OU=Users,DC=domain,DC=local

And, altering what you are doing, makes me hope you are doing this in a
test domain!!

DO NOT DIRECTLY ALTER the ldb files under sam.ldb.d

You could damage your AD if you do.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Loading...