LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 02-26-2007, 07:14 PM   #1
lordtyp0
LQ Newbie
 
Registered: Mar 2004
Location: Las Vegas
Distribution: RHEL (Centos), Debian flavors.
Posts: 12

Rep: Reputation: 0
Pulling only active users from ADS and trusts.


Does anyone know an easy way to pull only active users from a Windows domain controller?

The Setup:
2 domain controllers.
The main is 2003 with ADS etc.
The second domain is an old NT domain at another location.

Due to firewalls and routing I can only query the 2k3 box, it in turn will show all users (including disabled) on the NT domain via the trust.

For various reason LDAP is not an option for me.

Essentially I need a way to pull only the enabled/active users from the DC's.

'wbinfo -u' in this case shows all users-including disabled accounts.

And no, I have no idea why the standing policy is to disable the accounts instead of removing them outright.

The reason:
I am setting up a jabber server and a couple other services that pull active accounts to the DB and will rip when the account is shut off. I am forced to use postgres for auth instead of LDAP due to the afore mentioned restrictions placed on me.

Anyone have any suggestions?
 
Old 02-28-2007, 11:47 AM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,972
Blog Entries: 11

Rep: Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876Reputation: 876
You could still use LDAP (the ldapclient tools) to feed the user
info into postgres on a scheduled basis.
(minus authentication, hostinfo and all or knowledge of your AD schema)
ldapsearch '(!(loginDisable=true))' cn


Cheers,
Tink
 
Old 02-28-2007, 03:18 PM   #3
lordtyp0
LQ Newbie
 
Registered: Mar 2004
Location: Las Vegas
Distribution: RHEL (Centos), Debian flavors.
Posts: 12

Original Poster
Rep: Reputation: 0
The NT domain does not have LDAP configured-it's a REALLY obsolete setup at the second location. Know if this would transverse to the second domain?

(Thanks for the re- )

lt0



Quote:
Originally Posted by Tinkster
You could still use LDAP (the ldapclient tools) to feed the user
info into postgres on a scheduled basis.
(minus authentication, hostinfo and all or knowledge of your AD schema)
ldapsearch '(!(loginDisable=true))' cn


Cheers,
Tink
 
  


Reply

Tags
ads, samba, winbind


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
pulling Active Directory information jsheffie Red Hat 2 08-16-2006 10:49 AM
samba 3.0.23 and active directory (ads) jtmillard Linux - Software 2 08-04-2006 08:39 AM
Active directory users to Samba users alexpacio Linux - Networking 0 05-19-2006 08:44 AM
Ads for users public_html on Apache 2 Oxagast Linux - Software 5 10-09-2005 06:27 PM
Setting up SAMBA with ADS toa Windows Active Directory llyr Linux - Software 3 09-11-2004 10:20 PM


All times are GMT -5. The time now is 06:04 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration