Re: samba-specific question about attribute generation

[Adam Williams <awilliam@whitemice.org>]

This is a Samba question, not an OpenLDAP one, you should as on the
Samba lists as that is more appropriate and you'll probably get a more
current answer (the valuation of these attributes changes slightly
between versions).

Take a look at the Samba section of 
ftp://ftp.kalamazoolinux.org/pub/pdf/ldapv3.pdf

"displayname" comes from the inetOrgPerson schema, not the Samba schema.

>In our ldap, we have people who are in the following objectclasses
> top
> person
> inetOrgPerson
> posixAccount
> shadowAccount
> customObjectClass:
> by doing a comparison of the exported .ldif files from a (test) person's 
> entry before and after using 'smbpasswd -a' on a machine that is 
> configured to make those changes back into the directory (instead of in 
> the smbpasswd file) i discover that
> in addition to
> objectclass:  sambaAccount
> i also have the following attributes
> rid:
> displayName:
> primaryGroupID:
> logonTime: 0
> acctFlags: [UX         ]
> logoffTime: 2147483647
> kickoffTime: 2147483647
> pwdLastSet: 1043292599
> pwdCanChange: 0
> pwdMustChange: 2147483647
> I'm trying to build a php page that will promote a user to objectclass: 
> sambaAccount -- my question is:  Can I just populate those attributes 
> with the above default values?  DisplayName can be generated from cn or 
> gecos.   PrimaryGroupID can be chosen according to custom attributes 
> that i have defined (and populated). Do i need to use a specific 
> algorithm for generating an rid? Or can I just pick from a range of 
> available numbers?