smbldap-tools 使用教程
该工具包,包含了samba和ldap结合使用的各项工具。
smbldap-config smbldap-groupmod smbldap-useradd smbldap-usermod
smbldap-groupadd smbldap-groupshow smbldap-userdel smbldap-usershow
smbldap-groupdel smbldap-passwd smbldap-userinfo
smbldap-grouplist smbldap-populate smbldap-userlist
添加用户
首先看一下home目录:
root@cky:~# ls /home
cky ldap_user01
要添加具有主目录的新用户:
root@cky:~# smbldap-useradd -a -P -m ldap_user02
Changing UNIX and samba passwords for ldap_user02
New password: 222222
Retype new password: 222222
查询用户
查询 LDAP 中的该用户:
root@cky:~# ldapsearch -x -b "uid=ldap_user02,ou=Dev,dc=company,dc=com"
# extended LDIF
#
# LDAPv3
# base <uid=ldap_user02,ou=Dev,dc=company,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# ldap_user02, Dev, company.com
dn: uid=ldap_user02,ou=Dev,dc=company,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: sambaSamAccount
cn: ldap_user02
sn: ldap_user02
uid: ldap_user02
uidNumber: 10004
gidNumber: 513
homeDirectory: /home/ldap_user02
loginShell: /bin/bash
gecos: System User
givenName: ldap_user02
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: ldap_user02
sambaSID: S-1-5-21-385293779-2563394074-3374145406-10005
sambaPrimaryGroupSID: S-1-5-21-385293779-2563394074-3374145406-513
sambaProfilePath: \Companyprofilesldap_user02
sambaHomePath: \Companyldap_user02
sambaPwdLastSet: 1614333011
sambaAcctFlags: [U]
sambaPwdMustChange: 1618221011
sambaNTPassword: BA07BA35933E5BF42DEA4AF8ADD09D1E
sambaLMPassword: 833B90D86446228DAAD3B435B51404EE
shadowLastChange: 18684
shadowMax: 45
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
使用smbldap-userinfo查询用户信息:
root@cky:~# smbldap-userinfo -l ldap_user02
Full Name: ldap_user02
Family Name: ldap_user02
First Name: ldap_user02
User Shell: /bin/bash
Room Number: -
Work Phone: -
Home Phone: -
Other: -
Maximum number of days between Shadow password change: 45
Minimum number of days between Shadow password change: -
Shadow Warning: -
Shadow Inactive: -
Shadow Expires: -
Shadow Last Change: Fri Feb 26 2021
Shadow Account Satus: unlock
Samba Password Last Set: Fri Feb 26 2021 09:50
Samba Password Must Change: Mon Apr 12 2021 09:50
Samba Flags: [U]
查询home目录:
root@cky:~# ls /home
cky ldap_user01 ldap_user02
删除用户
删除用户,并删除其主目录:
root@cky:~# smbldap-userdel -r ldap_user02
再次查询 LDAP 用户:
root@cky:~# ldapsearch -x -b "uid=ldap_user02,ou=Dev,dc=company,dc=com"
# extended LDIF
#
# LDAPv3
# base <uid=ldap_user02,ou=Dev,dc=company,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
matchedDN: ou=Dev,dc=company,dc=com
# numResponses: 1
查询home目录:
root@cky:~# ls /home
cky ldap_user01
添加组
root@cky:~# smbldap-groupadd -a groupname
使现有用户成为组的成员
root@cky:~# smbldap-groupmod -m username groupname
将用户从组中删除
root@cky:~# smbldap-groupmod -x username groupname