<itemizedlist>
<listitem>
- <para>Active Directory Server<para>
+ <para>Active Directory Server</para>
</listitem>
<listitem>
- <para>Group Policy Objects (in Active Direcrtory)<para>
+ <para>Group Policy Objects (in Active Direcrtory)</para>
</listitem>
<listitem>
- <para>Machine Policy objects<para>
+ <para>Machine Policy objects</para>
</listitem>
<listitem>
- <para>Logon Scripts in Active Directorty<para>
+ <para>Logon Scripts in Active Directorty</para>
</listitem>
<listitem>
- <para>Software Application and Access Controls in Active Directory<para>
+ <para>Software Application and Access Controls in Active Directory</para>
</listitem>
</itemizedlist>
<step><para>initGrps.sh DOMNAME</para></step>
- <step><para>smbgroupedit -v</para>
+ <step><para>net groupmap list</para>
<substeps><step><para>Now check that all groups are recognised</para></step></substeps>
</step>
User and Group mapping to Unix/Linux
username map facility may be needed
- Use smbgroupedit to connect NT4 groups to Unix groups
+ Use 'net groupmap' to connect NT4 groups to Unix groups
Use pdbedit to set/change user configuration
NOTE:
If migrating to LDAP back end it may be easier to dump initial LDAP database to LDIF, then edit, then reload into LDAP
Profiles, Policies, Access Controls, Security
Migration Tools
- Samba: net, rpcclient, smbpasswd, pdbedit, smbgroupedit, profiles
+ Samba: net, rpcclient, smbpasswd, pdbedit, profiles
Windows: NT4 Domain User Manager, Server Manager (NEXUS)
Authentication
</programlisting>
</para>
+</sect2>
+
</sect1>
</chapter>
<para>
With a Samba Domain Controller, the new tools for managing of user account and policy information includes:
-<filename>smbpasswd, pdbedit, smbgroupedit, net, rpcclient.</filename>. The administrator should read the
+<filename>smbpasswd, pdbedit, net, rpcclient.</filename>. The administrator should read the
man pages for these tools and become familiar with their use.
</para>
root# /usr/bin/openssl req -new -x509 -days 365 -nodes -config \
/usr/share/doc/packages/stunnel/stunnel.cnf \
-out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
- </programlisting><para></listitem>
+ </programlisting></para></listitem>
<listitem><para>
remove swat-entry from [x]inetd