- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
I just though I’d share
Edit: I’m not sure if this actually works. All else fails fall back to Ansible
I just though I’d share
Edit: I’m not sure if this actually works. All else fails fall back to Ansible
Do you have any documentation on this by any chance? I don’t really like messing with ad schemas
sorry I don’t have any real documentation but I have a snippet of powershell that explains it pretty well here this comes from a user creation script I wrote back when they removed the unix UI.
I was using Get-AdUser and discovered that the properties still existed but you have to manually shove those in, when an sssd “domain bound” linux machine has a user with these props login, they get the defined UID and GID and homefolder etc.
basically the “OtherAttributes” on the ADUser object is a hashtable that holds all the special additional LDAP attributes, so in this example we use $otherAttributes to add all the fields we need, you can do the same with “Set-Aduser” if you just wanna edit an existing user and add these props
the @thing on New-ADuser is called a splat, very useful if you’re not familiar, it turns a hashtable into arguments
lemme know if you have any questions
I think you could boil it down to something like
Set-ADUser bob -otherattributes {uidNumber=1005, gidNumber=1005}