Home Forums OS X Server and Client Discussion Active Directory Bound to AD using SFU3.5 X11 question.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • October 27, 2005 at 6:08 pm #363822
    xom
    Participant

    First, this is a great site!
    I have a mac running 10.4.2 that is bound to AD. I’m running SFU 3.5 on my windows domain controller mainly for user name mapping so folks can get to NFS mounts served via our Solaris file servers. Everything is working ok except that users logging on to the mac with their AD credentials can’t change their shell in the X11 client. They can change it in the terminal app, though not by using chsh. They have to go to preferences and change from usr/bin/login to /bin/whatevershell. I have the default shell set to /bin/tcsh in the Active directory plugin and a user wants zsh. I’m not sure how I can do this without changing the default shell that everyone would get logging into this particular mac. Any insight would be greatly appreciated.
    Thanks,
    xom

    October 27, 2005 at 9:39 pm #363827
    xom
    Participant

    [QUOTE BY= MacTroll] With SFU did you give every user in AD a shell?

    By default we won’t map that, but you can using dsconfigad and doing a static map.

    If you don’t have it in AD, and you’re not going to put it in there, you’re correct that there really isn’t an easy way to do it.

    What’s wrong with bash, anyway? Big Grin [/QUOTE]

    Do you mean use dsconfigad and map the shell preference for the specific user?
    I like bash and t but this CS prof. wants z. Rolling Eyes

    October 27, 2005 at 10:03 pm #363829
    xom
    Participant

    [QUOTE BY= MacTroll] [QUOTE BY= xom]
    Do you mean use dsconfigad and map the shell preference for the specific user?[/QUOTE]

    Well, you won’t be able to map per user. Instead you can map all users to a shell set in each user’s SFU shell attribute in AD.[/QUOTE]

    ahh, so there IS a way to do other mappings besides what is in the GUI plugin. I’ve been playing with different ways to map our unix user GIDs to what SFU adschema entrys are.
    cool thanks,
    xom

    October 28, 2005 at 4:52 pm #363843
    xom
    Participant

    Ah I see. Yes I am looking for a way to map the shell entry value from the SFU entries to the AD schema to something the Apple understands. That way I can control the shell type on per user basis from AD.
    thanks,
    xom.

    October 28, 2005 at 5:28 pm #363844
    xom
    Participant

    ok so I found an attribute in the schema for the user shell:
    msSFU30LoginShell
    It has an attribute ID of 1.2.840.113556.1.6.18.1.312
    I will replace what is in the AD plist for user shell with that string and see if it takes.
    -xom

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.