--- /dev/null
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
+ "http://www.w3.org/TR/REC-html40/loose.dtd">
+<HTML>
+<HEAD>
+
+<META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<META name="GENERATOR" content="hevea 1.06">
+<TITLE>
+ Using the scripts
+</TITLE>
+</HEAD>
+<BODY >
+<A HREF="smbldap-tools004.html"><IMG SRC ="previous_motif.gif" ALT="Précédent"></A>
+<A HREF="index.html"><IMG SRC ="contents_motif.gif" ALT="Remonter"></A>
+<A HREF="smbldap-tools006.html"><IMG SRC ="next_motif.gif" ALT="Suivant"></A>
+<HR>
+
+<H2><A NAME="htoc13">4</A> Using the scripts</H2><UL>
+<LI><A HREF="smbldap-tools005.html#toc8"> Initial directory's population</A>
+<LI><A HREF="smbldap-tools005.html#toc9"> User management</A>
+<LI><A HREF="smbldap-tools005.html#toc10"> Group management</A>
+<LI><A HREF="smbldap-tools005.html#toc11"> Adding a interdomain trust account</A>
+</UL>
+
+<A NAME="toc8"></A>
+<H3><A NAME="htoc14">4.1</A> Initial directory's population</H3>
+You can initialize the LDAP directory using the
+<TT>smbldap-populate</TT> script. To do that, the account defined in
+the <TT>/etc/opt/IDEALX/smbldap-tools/smbldap_bind.conf</TT> to access the
+master directory <B>must</B> must be the manager account defined in the
+directory configuration. On RedHat system, this file is
+<TT>/etc/openldap/slapd.conf</TT> and the account is defined with
+<PRE>
+ rootdn "cn=Manager,dc=idealx,dc=com"
+ rootpw secret
+</PRE>The <TT>smbldap_bind.conf</TT> file must then be configured so that
+the parameters to connect to the master LDAP server match the previous ones:
+<PRE>
+ masterDN="cn=Manager,dc=idealx,dc=com"
+ masterPw="secret"
+</PRE>
+Available options for this script are summarized in the table <A HREF="#table::populate">1</A>:
+<BLOCKQUOTE><DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV>
+ <A NAME="code_epsilon_var"></A>
+ <DIV ALIGN=center>
+ <TABLE BORDER=1 CELLSPACING=0 CELLPADDING=1>
+<TR><TD ALIGN=left NOWRAP>option</TD>
+<TD ALIGN=left NOWRAP>definition</TD>
+<TD ALIGN=left NOWRAP>default value</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-u <I>uidNumber</I></TD>
+<TD ALIGN=left NOWRAP>first uidNumber to allocate</TD>
+<TD ALIGN=left NOWRAP>1000</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-g <I>gidNumber</I></TD>
+<TD ALIGN=left NOWRAP>first uidNumber to allocate</TD>
+<TD ALIGN=left NOWRAP>1000</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-a <I>user</I></TD>
+<TD ALIGN=left NOWRAP>administrator login name</TD>
+<TD ALIGN=left NOWRAP>Administrator</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-b <I>user</I></TD>
+<TD ALIGN=left NOWRAP>guest login name</TD>
+<TD ALIGN=left NOWRAP>nobody</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-e <I>file</I></TD>
+<TD ALIGN=left NOWRAP>export a init file</TD>
+<TD ALIGN=left NOWRAP> </TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-i <I>file</I></TD>
+<TD ALIGN=left NOWRAP>import a init file</TD>
+<TD ALIGN=left NOWRAP> </TD>
+</TR></TABLE>
+ </DIV>
+ <BR>
+<DIV ALIGN=center>Table 1: Options available for the <TT>smbldap-populate</TT> script</DIV><BR>
+
+ <A NAME="table::populate"></A>
+<DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV></BLOCKQUOTE>
+In the more general case, to set up your directory, simply use the
+following command:
+<PRE>
+[root@etoile root]# smbldap-populate
+Using builtin directory structure
+adding new entry: dc=idealx,dc=com
+adding new entry: ou=Users,dc=idealx,dc=com
+adding new entry: ou=Groups,dc=idealx,dc=com
+adding new entry: ou=Computers,dc=idealx,dc=com
+adding new entry: ou=Idmap,dc=idealx,dc=org
+adding new entry: cn=NextFreeUnixId,dc=idealx,dc=org
+adding new entry: uid=Administrator,ou=Users,dc=idealx,dc=com
+adding new entry: uid=nobody,ou=Users,dc=idealx,dc=com
+adding new entry: cn=Domain Admins,ou=Groups,dc=idealx,dc=com
+adding new entry: cn=Domain Users,ou=Groups,dc=idealx,dc=com
+adding new entry: cn=Domain Guests,ou=Groups,dc=idealx,dc=com
+adding new entry: cn=Print Operators,ou=Groups,dc=idealx,dc=com
+adding new entry: cn=Backup Operators,ou=Groups,dc=idealx,dc=com
+adding new entry: cn=Replicator,ou=Groups,dc=idealx,dc=com
+adding new entry: cn=Domain Computers,ou=Groups,dc=idealx,dc=com
+</PRE>
+After this step, if you don't want to use the <TT>cn=Manager,dc=idealx,dc=com</TT>
+account anymore, you can create a dedicated account for Samba and the
+smbldap-tools. See section <A HREF="smbldap-tools009.html#change::manager">8.2</A> for more details.<BR>
+<BR>
+The <TT>cn=NextFreeUnixId,dc=idealx,dc=org</TT> entry is only used to
+defined the next uidNumber and gidNumber available for creating new
+users and groups. The default values for those numbers are 1000. You
+can change it with the <TT>-u</TT> and <TT>-g</TT> option. For
+example, if you want the first available value for uidNumber and
+gidNumber to be set to 1500, you can use the following command :
+<PRE>
+smbldap-populate -u 1550 -g 1500
+</PRE>
+<A NAME="toc9"></A>
+<H3><A NAME="htoc15">4.2</A> User management</H3>
+
+<H4><A NAME="htoc16">4.2.1</A> Adding a user</H4><A NAME="add::user"></A>
+To add a user, use the <TT>smbldap-useradd</TT> script. Available
+options are summarized in the table <A HREF="#table::add::user">2</A>. If applicable,
+default values are mentionned in the third column. Any string beginning with a
+$ symbol refers to a parameter defined in the
+<TT>/etc/opt/IDEALX/smbldap-tools/smbldap.conf</TT> configuration file.
+<BLOCKQUOTE><DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV>
+ <DIV ALIGN=center>
+ <TABLE BORDER=1 CELLSPACING=0 CELLPADDING=1>
+<TR><TD VALIGN=top ALIGN=left>option</TD>
+<TD VALIGN=top ALIGN=left>definition</TD>
+<TD VALIGN=top ALIGN=left>example</TD>
+<TD VALIGN=top ALIGN=left>default value</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-a</TD>
+<TD VALIGN=top ALIGN=left>create a Windows account. Otherwise, only a Posix account
+ is created</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-w</TD>
+<TD VALIGN=top ALIGN=left>create a Windows Workstation account</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-i</TD>
+<TD VALIGN=top ALIGN=left>create an interdomain trust account. See section
+ <A HREF="#trust::account">4.4</A> for more details</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-u</TD>
+<TD VALIGN=top ALIGN=left>set a uid value</TD>
+<TD VALIGN=top ALIGN=left>-u 1003</TD>
+<TD VALIGN=top ALIGN=left>first uid available</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-g</TD>
+<TD VALIGN=top ALIGN=left>set a gid value</TD>
+<TD VALIGN=top ALIGN=left>-g 1003</TD>
+<TD VALIGN=top ALIGN=left>first gid available</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-G</TD>
+<TD VALIGN=top ALIGN=left>add the new account to one or several supplementary
+ groups (comma-separated)</TD>
+<TD VALIGN=top ALIGN=left>-G 512,550</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-d</TD>
+<TD VALIGN=top ALIGN=left>set the home directory</TD>
+<TD VALIGN=top ALIGN=left>-d /var/user</TD>
+<TD VALIGN=top ALIGN=left>$userHomePrefix/user</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-s</TD>
+<TD VALIGN=top ALIGN=left>set the login shell</TD>
+<TD VALIGN=top ALIGN=left>-s /bin/ksh</TD>
+<TD VALIGN=top ALIGN=left>$userLoginShell</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-c</TD>
+<TD VALIGN=top ALIGN=left>set the user gecos</TD>
+<TD VALIGN=top ALIGN=left>-c "admin user"</TD>
+<TD VALIGN=top ALIGN=left>$userGecos</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-m</TD>
+<TD VALIGN=top ALIGN=left>creates user's home directory and copies /etc/skel
+ into it</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-k</TD>
+<TD VALIGN=top ALIGN=left>set the skeleton dir (with -m)</TD>
+<TD VALIGN=top ALIGN=left>-k /etc/skel2</TD>
+<TD VALIGN=top ALIGN=left>$skeletonDir</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-P</TD>
+<TD VALIGN=top ALIGN=left>ends by invoking smbldap-passwd to set the user's
+ password</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-A</TD>
+<TD VALIGN=top ALIGN=left>user can change password ? 0 if no, 1 if yes</TD>
+<TD VALIGN=top ALIGN=left>-A 1</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-B</TD>
+<TD VALIGN=top ALIGN=left>user must change password at first session ? 0 if no, 1
+ if yes</TD>
+<TD VALIGN=top ALIGN=left>-B 1</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-C</TD>
+<TD VALIGN=top ALIGN=left>set the samba home share</TD>
+<TD VALIGN=top ALIGN=left>-C \\PDC\homes</TD>
+<TD VALIGN=top ALIGN=left>$userSmbHome</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-D</TD>
+<TD VALIGN=top ALIGN=left>set a letter associated with the home share</TD>
+<TD VALIGN=top ALIGN=left>-D H:</TD>
+<TD VALIGN=top ALIGN=left>$userHomeDrive</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-E</TD>
+<TD VALIGN=top ALIGN=left>set DOS script to execute on login</TD>
+<TD VALIGN=top ALIGN=left>-E common.bat</TD>
+<TD VALIGN=top ALIGN=left>$userScript</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-F</TD>
+<TD VALIGN=top ALIGN=left>set the profile directory</TD>
+<TD VALIGN=top ALIGN=left>-F \\PDC\profiles\user</TD>
+<TD VALIGN=top ALIGN=left>$userProfile</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-H</TD>
+<TD VALIGN=top ALIGN=left>set the samba account control bits
+ like'[NDHTUMWSLKI]'</TD>
+<TD VALIGN=top ALIGN=left>-H [X]</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-N</TD>
+<TD VALIGN=top ALIGN=left>set the canonical name of the user</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-S</TD>
+<TD VALIGN=top ALIGN=left>set the surname of the user</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-M</TD>
+<TD VALIGN=top ALIGN=left>local mailAddress (comma seperated)</TD>
+<TD VALIGN=top ALIGN=left>-M testuser,aliasuser</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-T</TD>
+<TD VALIGN=top ALIGN=left>forward mail address (comma seperated)</TD>
+<TD VALIGN=top ALIGN=left>-T
+ testuser@domain.org</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR></TABLE>
+ </DIV>
+ <BR>
+<DIV ALIGN=center>Table 2: Options available to the <TT>smbldap-useradd</TT> script</DIV><BR>
+
+ <A NAME="table::add::user"></A>
+<DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV></BLOCKQUOTE>
+
+For example, if you want to add a user named <I>user_admin</I> and who :
+<UL><LI>
+is a windows user
+<LI>must belong to the group of gid=512 ('Domain Admins' group)
+<LI>has a home directory
+<LI>does not have a login shell
+<LI>has a homeDirectory set to /dev/null
+<LI>does not have a roaming profile
+<LI>and for whom we want to set a first login password
+</UL>
+you must invoke:
+<PRE>
+smbldap-useradd -a -G 512 -m -s /bin/false -d /dev/null -F "" -P user_admin
+</PRE>
+
+<H4><A NAME="htoc17">4.2.2</A> Removing a user</H4>
+To remove a user account, use the <TT>smbldap-userdel</TT> script.
+Available options are
+<BLOCKQUOTE><DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV>
+ <DIV ALIGN=center>
+ <TABLE BORDER=1 CELLSPACING=0 CELLPADDING=1>
+<TR><TD ALIGN=left NOWRAP>option</TD>
+<TD ALIGN=left NOWRAP>definition</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-r</TD>
+<TD ALIGN=left NOWRAP>remove home directory</TD>
+</TR>
+<TR><TD ALIGN=left NOWRAP>-R</TD>
+<TD ALIGN=left NOWRAP>remove home directory interactively</TD>
+</TR></TABLE>
+ </DIV>
+ <BR>
+<DIV ALIGN=center>Table 3: Option available to the <TT>smbldap-userdel</TT> script</DIV><BR>
+
+ <A NAME="table::del::user"></A>
+<DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV></BLOCKQUOTE>
+For example, if you want to remove the <I>user1</I> account
+from the LDAP directory, and if you also want to delete his home
+directory, use the following command :
+<PRE>
+smbldap-userdel -r user1
+</PRE>
+Note: '-r' is dangerous as it may delete precious and unbackuped data,
+please be careful.<BR>
+<BR>
+
+<H4><A NAME="htoc18">4.2.3</A> Modifying a user</H4><A NAME="modify::user"></A>
+To modify a user account, use the <TT>smbldap-usermod</TT> script.
+Availables options are listed in the table <A HREF="#table::modify::user">4</A>.
+<BLOCKQUOTE><DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV>
+ <DIV ALIGN=center>
+ <TABLE BORDER=1 CELLSPACING=0 CELLPADDING=1>
+<TR><TD VALIGN=top ALIGN=left>option</TD>
+<TD VALIGN=top ALIGN=left>definition</TD>
+<TD VALIGN=top ALIGN=left>example</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-c</TD>
+<TD VALIGN=top ALIGN=left>set the user gecos</TD>
+<TD VALIGN=top ALIGN=left>-c "admin user"</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-d</TD>
+<TD VALIGN=top ALIGN=left>set the home directory</TD>
+<TD VALIGN=top ALIGN=left>-d /var/user</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-u</TD>
+<TD VALIGN=top ALIGN=left>set a uid value</TD>
+<TD VALIGN=top ALIGN=left>-u 1003</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-g</TD>
+<TD VALIGN=top ALIGN=left>set a gid value</TD>
+<TD VALIGN=top ALIGN=left>-g 1003</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-G</TD>
+<TD VALIGN=top ALIGN=left>add the new account to one or several supplementary
+ groups (comma-separated)</TD>
+<TD VALIGN=top ALIGN=left>-G 512,550</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left>-G -512,550</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left>-G +512,550</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-s</TD>
+<TD VALIGN=top ALIGN=left>set the login shell</TD>
+<TD VALIGN=top ALIGN=left>-s /bin/ksh</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-N</TD>
+<TD VALIGN=top ALIGN=left>set the canonical name of the user</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-S</TD>
+<TD VALIGN=top ALIGN=left>set the surname of the user</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-P</TD>
+<TD VALIGN=top ALIGN=left>ends by invoking smbldap-passwd to set the user's password</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-a</TD>
+<TD VALIGN=top ALIGN=left>add sambaSAMAccount objectclass</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-e</TD>
+<TD VALIGN=top ALIGN=left>set an expiration date for the password (format: YYYY-MM-DD HH:MM:SS)</TD>
+<TD VALIGN=top ALIGN=left> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-A</TD>
+<TD VALIGN=top ALIGN=left>user can change password ? 0 if no, 1 if yes</TD>
+<TD VALIGN=top ALIGN=left>-A 1</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-B</TD>
+<TD VALIGN=top ALIGN=left>user must change password at first session ? 0 if no, 1
+ if yes</TD>
+<TD VALIGN=top ALIGN=left>-B 1</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-C</TD>
+<TD VALIGN=top ALIGN=left>set the samba home share</TD>
+<TD VALIGN=top ALIGN=left>-C \\PDC\homes</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left>-C ""</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-D</TD>
+<TD VALIGN=top ALIGN=left>set a letter associated with the home share</TD>
+<TD VALIGN=top ALIGN=left>-D H:</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left>-D ""</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-E</TD>
+<TD VALIGN=top ALIGN=left>set DOS script to execute on login</TD>
+<TD VALIGN=top ALIGN=left>-E common.bat</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left>-E ""</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-F</TD>
+<TD VALIGN=top ALIGN=left>set the profile directory</TD>
+<TD VALIGN=top ALIGN=left>-F \\PDC\profiles\user</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left> </TD>
+<TD VALIGN=top ALIGN=left>-F ""</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-H</TD>
+<TD VALIGN=top ALIGN=left>set the samba account control bits like'[NDHTUMWSLKI]'</TD>
+<TD VALIGN=top ALIGN=left>-H [X]</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-I</TD>
+<TD VALIGN=top ALIGN=left>disable a user account</TD>
+<TD VALIGN=top ALIGN=left>-I 1</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-J</TD>
+<TD VALIGN=top ALIGN=left>enable a user</TD>
+<TD VALIGN=top ALIGN=left>-J 1</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-M</TD>
+<TD VALIGN=top ALIGN=left>local mailAddress (comma seperated)</TD>
+<TD VALIGN=top ALIGN=left>-M testuser,aliasuser</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-T</TD>
+<TD VALIGN=top ALIGN=left>forward mail address (comma seperated)</TD>
+<TD VALIGN=top ALIGN=left>-T
+ testuser@domain.org</TD>
+</TR></TABLE>
+ </DIV>
+ <BR>
+<DIV ALIGN=center>Table 4: Options available to the <TT>smbldap-usermod</TT> script</DIV><BR>
+
+ <A NAME="table::modify::user"></A>
+<DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV></BLOCKQUOTE>
+You can also use the <TT>smbldap-userinfo</TT> script to update user's information. This script can
+also be used by users themselves to update their own informations listed in the tables
+<A HREF="#table::modify::self::user">5</A> (adequats ACL must be set in the directory server). Available
+options are :
+<BLOCKQUOTE><DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV>
+ <DIV ALIGN=center>
+ <TABLE BORDER=1 CELLSPACING=0 CELLPADDING=1>
+<TR><TD VALIGN=top ALIGN=left>option</TD>
+<TD VALIGN=top ALIGN=left>definition</TD>
+<TD VALIGN=top ALIGN=left>example</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-f</TD>
+<TD VALIGN=top ALIGN=left>set the full name's user</TD>
+<TD VALIGN=top ALIGN=left>-f MyName</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-r</TD>
+<TD VALIGN=top ALIGN=left>set the room number</TD>
+<TD VALIGN=top ALIGN=left>-r 99</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-w</TD>
+<TD VALIGN=top ALIGN=left>set the work phone number</TD>
+<TD VALIGN=top ALIGN=left>-w 111111111</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-h</TD>
+<TD VALIGN=top ALIGN=left>set the home phone number</TD>
+<TD VALIGN=top ALIGN=left>-h 222222222</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-o</TD>
+<TD VALIGN=top ALIGN=left>set other information (in gecos definition)</TD>
+<TD VALIGN=top ALIGN=left>-o "second stage"</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left>-s</TD>
+<TD VALIGN=top ALIGN=left>set the default bash</TD>
+<TD VALIGN=top ALIGN=left>-s /bin/ksh</TD>
+</TR></TABLE>
+ </DIV>
+ <BR>
+<DIV ALIGN=center>Table 5: Options available to the <TT>smbldap-userinfo</TT> script</DIV><BR>
+
+ <A NAME="table::modify::self::user"></A>
+<DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV></BLOCKQUOTE>
+<A NAME="toc10"></A>
+<H3><A NAME="htoc19">4.3</A> Group management</H3>
+
+<H4><A NAME="htoc20">4.3.1</A> Adding a group</H4>
+To add a new group in the LDAP directory, use the <TT>smbldap-groupadd</TT>
+script. Available options are listed in the table
+<A HREF="#table::add::group">6</A>.
+<BLOCKQUOTE><DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV>
+ <DIV ALIGN=center>
+ <TABLE BORDER=1 CELLSPACING=0 CELLPADDING=1>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>option</TD>
+<TD VALIGN=top ALIGN=left>definition</TD>
+<TD VALIGN=top ALIGN=left NOWRAP>example</TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-a</TD>
+<TD VALIGN=top ALIGN=left>add automatic group mapping entry</TD>
+<TD VALIGN=top ALIGN=left NOWRAP> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-g <TT>gid</TT></TD>
+<TD VALIGN=top ALIGN=left>set the <I>gidNumer</I> for this group to
+ <I>gid</I></TD>
+<TD VALIGN=top ALIGN=left NOWRAP><TT>-g 1002</TT></TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-o</TD>
+<TD VALIGN=top ALIGN=left>gidNumber is not unique</TD>
+<TD VALIGN=top ALIGN=left NOWRAP> </TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-r <TT>group-rid</TT></TD>
+<TD VALIGN=top ALIGN=left>set the rid of the group to
+ <I>group-rid</I></TD>
+<TD VALIGN=top ALIGN=left NOWRAP><TT>-r 1002</TT></TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-s <TT>group-sid</TT></TD>
+<TD VALIGN=top ALIGN=left>set the sid of the group to
+ <I>group-sid</I></TD>
+<TD VALIGN=top ALIGN=left NOWRAP><TT><FONT SIZE=1>-s
+ S-1-5-21-3703471949-3718591838-2324585696-1002</FONT></TT></TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-t <TT>group-type</TT></TD>
+<TD VALIGN=top ALIGN=left>set the <I>sambaGroupType</I> to
+ <I>group-type</I></TD>
+<TD VALIGN=top ALIGN=left NOWRAP><TT>-t 2</TT></TD>
+</TR>
+<TR><TD VALIGN=top ALIGN=left NOWRAP>-p</TD>
+<TD VALIGN=top ALIGN=left>print the gidNumber to stdout</TD>
+<TD VALIGN=top ALIGN=left NOWRAP> </TD>
+</TR></TABLE>
+ </DIV>
+ <BR>
+<DIV ALIGN=center>Table 6: Options available for the <TT>smbldap-groupadd</TT> script</DIV><BR>
+
+ <A NAME="table::add::group"></A>
+<DIV ALIGN=center><HR WIDTH="80%" SIZE=2></DIV></BLOCKQUOTE>
+
+<H4><A NAME="htoc21">4.3.2</A> Removing a group</H4>
+To remove the group named <TT>group1</TT>, just use the following
+command :
+<PRE>
+smbldap-userdel group1
+</PRE>
+<A NAME="toc11"></A>
+<H3><A NAME="htoc22">4.4</A> Adding a interdomain trust account</H3><A NAME="trust::account"></A>
+To add an interdomain trust account to the primary controller <I>trust-pdc</I>, use the <TT>-i</TT> option of
+<TT>smbldap-useradd</TT> as follows :
+<PRE>
+[root@etoile root]# smbldap-useradd -i trust-pdc
+New password : *******
+Retype new password : *******
+</PRE>
+The script will terminate asking for a password for this trust
+account. The account will be created in the directory branch where
+all computer accounts are stored (<TT>ou=Computers</TT> by
+default). The only two particularities of this account are that you are
+setting a password for this account, and the flags of this account are
+<TT>[I ]</TT>.
+ <HR>
+<A HREF="smbldap-tools004.html"><IMG SRC ="previous_motif.gif" ALT="Précédent"></A>
+<A HREF="index.html"><IMG SRC ="contents_motif.gif" ALT="Remonter"></A>
+<A HREF="smbldap-tools006.html"><IMG SRC ="next_motif.gif" ALT="Suivant"></A>
+</BODY>
+</HTML>
projects / samba / blobdiff