⇤ ← Revision 1 as of 2018-11-21 13:48:01
277
Comment:
|
1168
|
Deletions are marked like this. | Additions are marked like this. |
Line 10: | Line 10: |
User attributes can be changed by editing a users LDAP record. The easiest way to do this interactively is with either `samba-tool user edit <username>` on a domain controller or `ldapvi cn=<username>` if editing from any other machine. Users can also be batch edited with ldapmodify. See below for details. Important attributes that might need to be changed are: ||'''Field'''||'''Description'''|| ||`displayName`||automatically generated as "`<givenName> <sn>`"|| ||`givenName`|| Firstname|| ||`sn`|| Surname|| ||`gecos`||Stores the user's real name on *NIX systems, defaults to be the same as `displayName`|| ||`LoginShell`||User's *NIX shell, defaults to `/bin/zsh`|| ||`gidNumber`||The user's primary POSIX group|| |
|
Line 13: | Line 26: |
LDAP access in AD environments requires authentication to work properly, use `-x -W -D "<your_username>@ad.ucc.gu.uwa.edu.au"` to authenticate the query. |
This page outlines how to perform common tasks with active directory
NOTE: This page is a work in progress and is subject to change without warning
Changing Passwords
Locking/Unlocking Accounts
Editing user attributes
User attributes can be changed by editing a users LDAP record. The easiest way to do this interactively is with either samba-tool user edit <username> on a domain controller or ldapvi cn=<username> if editing from any other machine.
Users can also be batch edited with ldapmodify. See below for details.
Important attributes that might need to be changed are:
Field |
Description |
displayName |
automatically generated as "<givenName> <sn>" |
givenName |
Firstname |
sn |
Surname |
gecos |
Stores the user's real name on *NIX systems, defaults to be the same as displayName |
LoginShell |
User's *NIX shell, defaults to /bin/zsh |
gidNumber |
The user's primary POSIX group |
ldap tools
LDAP access in AD environments requires authentication to work properly, use -x -W -D "<your_username>@ad.ucc.gu.uwa.edu.au" to authenticate the query.