Web lists-archives.com

Re: [Samba] Rename Samba 4 Users




On Tue, 21 Mar 2017 21:12:03 -0300
Edson Tadeu Almeida da Silveira <edson.tadeu@xxxxxxxxx> wrote:

> When i use ldbrename and ldbmodify without set "cn: " in my ldif, the
> "cn" field don't change.

That might be your problem, you do not use an ldif with ldbrename, the
command is:

ldbrename -H /usr/local/samba/private/sam.ldb \
CN=ldap05,CN=Users,DC=samdom,DC=example,DC=com \
CN=User20,CN=Users,DC=samdom,DC=example,DC=com

i.e. ldbrename -H /path/to/sam.ldb users_old_dn users_new_dn

You need to run this on the DC.

This will change the 'cn' as well, it has to, because 'cn' has to be the
same as the first part of the user DN, in this case 'CN=ldap05' or to be
even more blunt, look at the first two letters of 'CN=ldap05'

> 
> This is because i set it in file.ldif.

You do not need 'cn' in the secondary ldif, you just need something like
this:

dn: CN=User20,CN=Users,DC=samdom,DC=example,DC=com
changetype: modify
-
replace: displayName
displayName: User20
-
replace: sAMAccountName
sAMAccountName: User20
-
replace: msSFU30Name
msSFU30Name: User20
-
replace: userPrincipalName
userPrincipalName: User20@xxxxxxxxxxxxxxxxxx

i.e. the users new DN and any attributes that require changing.

> 
> But the problem is after this change, i go to ADUC and try to search
> this renamed user and it didn't give any return to me. 

It should, have you tried refreshing the view ?

> Beside that,
> its look like the users lose their group relation when renaming using
> shell.

They shouldn't, the link should be updated.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba