this post was submitted on 19 Apr 2024
106 points (95.7% liked)

Linux

48069 readers
761 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I just though I'd share

Edit: I'm not sure if this actually works. All else fails fall back to Ansible

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 6 months ago (2 children)

I thought this stopped working after MS pulled the Unix subsystem, as samba was using those attributes to manage the Linux systems?

[–] [email protected] 6 points 6 months ago (1 children)

Microsoft pulled those from the UI, but if you're adventurous you can just shove those attributes in to user with power shell and it works the same.

Then just use sssd instead of NIS, surprised me at work when this worked.

[–] [email protected] 2 points 6 months ago (1 children)

Do you have any documentation on this by any chance? I don't really like messing with ad schemas

[–] [email protected] 1 points 6 months ago (1 children)

sorry I don't have any real documentation but I have a snippet of powershell that explains it pretty well here this comes from a user creation script I wrote back when they removed the unix UI.

I was using Get-AdUser and discovered that the properties still existed but you have to manually shove those in, when an sssd "domain bound" linux machine has a user with these props login, they get the defined UID and GID and homefolder etc.

$otherAttributes = @{}
Write-Host -ForegroundColor Yellow "Adding Linux Attributes"

# get the next numeric uid number from AD
$uidNumber=((get-aduser -Filter * -Properties * | where-object {$_.uidNumber} | select uidNumber | sort uidNumber | select -Last 1).uidNumber)+1

$otherAttributes.Add("unixHomeDirectory","/homefolder/path/$($samAccountName)")
$otherAttributes.Add("uid","$($samAccountName)")
$otherAttributes.Add("gidNumber","$($gidNumber)")
$otherAttributes.Add("uidNumber","$($uidNumber)")
$otherAttributes.Add("loginShell","$($loginShell)")

$UserArgs = @{
    Credential = $creds
    Enabled = $true
    ChangePasswordAtLogon = $true
    Path = $usersOU
    HomeDirectory = "$homeDirPath\$samAccountName"
    HomeDrive = $homeDriveLetter
    GivenName = $firstName
    Surname = $lastName
    DisplayName = $displayName
    SamAccountName = $samAccountName
    Name = $displayName
    AccountPassword = $securePW
    UserPrincipalName = "$($aliasName)@DOMAIN.COM"
    OtherAttributes = $otherAttributes
}

$newUser = New-ADUser @UserArgs

basically the "OtherAttributes" on the ADUser object is a hashtable that holds all the special additional LDAP attributes, so in this example we use $otherAttributes to add all the fields we need, you can do the same with "Set-Aduser" if you just wanna edit an existing user and add these props

the @thing on New-ADuser is called a splat, very useful if you're not familiar, it turns a hashtable into arguments

lemme know if you have any questions

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I think you could boil it down to something like Set-ADUser bob -otherattributes {uidNumber=1005, gidNumber=1005}

[–] [email protected] 1 points 6 months ago (1 children)

I don't know. I just found this why looking for something else.

[–] [email protected] 1 points 6 months ago (1 children)

Grid by Zorin, whenever it gets released, will be what you want

[–] [email protected] 1 points 6 months ago (1 children)
[–] [email protected] 1 points 6 months ago (1 children)

time will tell once it is released.

[–] [email protected] 2 points 6 months ago (1 children)

If it is at least somewhat distro agnostic and has commercial support available they will get lots of business.

[–] [email protected] 1 points 6 months ago (1 children)

Yep. i imagine the long time between initial announcement and still waiting, is getting it right for realease. At least I hope that is why it has taken so long

[–] [email protected] 0 points 6 months ago* (last edited 6 months ago) (1 children)

Zoin isn't exactly known for long term stability or regular releases. That why I can't really recommend it.

We need tooling but Zoin probably isn't where it will come from.

[–] [email protected] 1 points 6 months ago

They seem to be fine lately, i had 16 last year 17 this year with updates...but I don't follow them closely since Nix and OpenSUSE are my main ones