Samba Active Directory tools for Windows Admins ADUC and ADSI Edit in Linux (via YaST)
David Mulder SUSE Labs Software Engineer SUSE/[email protected] To get the source code github.com/orgs/yast/teams/samba-team
2 Introduction
●What is SUSE? ●What is YaST? ●Prerequisites to YaST AD tools ● yast-python-bindings
3 What is SUSE?
4 1991 – The Birth of Linux SUSE Timeline
1992 to 2000 The Pioneering Years
1992 1994 1996 1997-1998 1999 2000 S.u.S.E. founded S.u.S.E S.u.S.E SUSE IBM, SAP YaST re- (German Linux 1.0 Linux 4.2 becomes and Oracle written. acronym ships on is the first Europe’s partnerships SUSE Linux for “Software und floppies. true leading announced. Enterprise System- SUSE Linux SUSE Linux Server Entwicklung). distributio distribution. Enterprise released. n. SLS is released, SUSE Server SUSE Linux it’s the first YaST enters North released. Enterprise comprehensive released. America SUSE enters Server for Linux distribution. market. Asia Pacific IBM s/390. market. SUSE helps AMD port 22 Linux to x86- 64 architecture. 2001 to 2010 Building a Strong Ecosystem
2001 2002- 2004 2006 2009 2010 SUSE 2003 openSU Microsoft and SUSE VMware Linux SUSE SE SUSE Linux partnership Enterprise acquired Launche announce Enterprise announced. Server for d. interoperabilit Server 11 by Novell SUSE Linux x86 y agreement. released Enterprise released. Intel, with KVM. AMD, HP, SUSE offers available Fujitsu first SUSE on Amazon and other Enterprise Studio EC2. major virtualization launched. partnershi technology ps integration announce for Linux d. (Xen). 23 2011 to Present Enabling an Always Open Data Center
2011 2012 2014 2015 2016 Novell SUSE Linux SUSE SUSE SUSE CEO acquired by Enterprise joins Enterprise joins Micro Attachmate available on Micro Storage Focus board. Microsoft Focus. based on SUSE acquires SUSE Azure. Ceph SUSE openATTIC OpenStack launched. Cloud SUSECON Linux Storage released. launched in Enterprise SUSE Management North 12 joins assets. America. released. Cloud Foundry. SUSE Manager released. 2011 to Present From Linux Pioneer to Software-defined Infrastructure and Beyond
2017 2018 2019 SUSE acquires SUSE Partnership OpenStack Enterprise 15 with EQT sees IaaS and Cloud released. SUSE become Foundry PaaS largest talent and independent technology open source assets from software HPE. company. SUSE celebrates it’s 25th anniversary. SUSE Cloud Application Platform Certified by Cloud Foundry SUSE CaaS Platform released. What is YaST?
10 Yet another Setup Tool!
11 Installing and removing software
12 Configuring the firewall
13 Enabling and disabling system services
14 Windows Domain Membership
15 Active Directory Users and Computers
16 ADSI Edit
17 YaST in the Terminal
18 Prerequisites to YaST AD tools
19 Why python?
●Samba python bindings ●YaST python bindings
20 YaST Python Bindings
# Python module declaration Sum.py from yast import Declare @Declare('integer', 'integer', 'integer') def suma(a, b): return a + b
# Python UI import yast yast.import_module('Sum') yast.import_module('Popup') sum = yast.Sum.suma(1, 2) yast.Popup.Message('Sum 1 and 2: %d' % sum)
21 YaST Python Bindings
22 For more info github.com/yast/yast-python-bindings [email protected]
23 Samba AD Tools
24 Outline
● YaST Active Directory Users and Computers ● YaST ADSI Edit ● Extras
25 Active Directory Users and Computers
26 How do I get it?
On openSUSE: sudo zypper in yast2-aduc
Fedora repos: https://build.opensuse.org/project/show/home:hellcp:YaST-for-Fedora or git clone https://github.com/yast/yast2-aduc.git git clone https://github.com/yast/yast2-adcommon-python.git
27 Loading ADUC
28 User Properties
29 Create a user
30 Create a group
31 Add users to a group
32 Create a computer object
33 Searching
34 Changing Domains
35 ADSI Edit
36 How do I get it?
On openSUSE: sudo zypper in yast2-adsi
Fedora repos: https://build.opensuse.org/project/show/home:hellcp:YaST-for-Fedora or git clone https://github.com/yast/yast2-adsi.git git clone https://github.com/yast/yast2-adcommon-python.git
37 ADSI Edit
38 Hierarchical Treeview
39 Changing Naming Contexts
40 Default Naming Context
41 RootDSE Naming Context
42 Configuration Naming Context
43 Schema Naming Context
44 User Properties
45 Group Properties
46 Creating Objects
47 (Bonus) Provisioning an Active Directory DC
48 How do I get it?
On openSUSE: sudo zypper in yast2-samba-provision
Fedora repos: https://build.opensuse.org/project/show/home:hellcp:YaST-for- Fedora or git clone https://github.com/yast/yast-samba-provision.git
49 Provisioning a Samba ADDC
50 Future Work
● YaST DNS Manager for Samba AD-DC ● Additional Features for YaST ADSI Edit and YaST ADUC ● LDAP query dialog for ADSI Edit
51 DNS Manager (in progress)
52 Some takeaways
● samba-tool api? ● Empty SambaOptions and CredentialsOptions required to instantiate Command. ● Credential to CredentialsOptions to Credential is wasteful. ● Parsing the Command object outf seems silly. ● Above makes sense for testing, but not interfacing with a GUI.
53 For more info github.com/orgs/yast/teams/samba-team [email protected]
Report bugs to: bugzilla.opensuse.org
54 Questions?
55