Table of Contents

Ubuntu - Samba - Active Directory User Management

This is the basic user management for Samba4 Active Directory Domain Controller.


Display domain users

sudo samba-tool user list

returns:

Administrator
testuser
Guest

Add a domain user

sudo samba-tool user create testuser
 
New Password:     # set password
 
Retype Password:
User 'testuser' created successfully

NOTE: See many other options with:

samba-tool user create --help

Delete a domain user

sudo samba-tool user delete testuser

returns:

Deleted user testuser

Reset password for a user

sudo samba-tool user setpassword testuser
 
New Password:
Changed password OK

Set expiry for a user

sudo samba-tool user setexpiry testuser --days=7
 
Expiry for user 'testuser' set to 7 days.

Disable/Enable user account

sudo samba-tool user disable testuserr
sudo samba-tool user enable testuser
 
Enabled user 'testuser'

Display domain groups list

sudo samba-tool group list
 
Allowed RODC Password Replication Group
Enterprise Read-Only Domain Controllers
Denied RODC Password Replication Group
...
...
DnsAdmins
Guests
Users

Display members in a group

sudo samba-tool group listmembers "Domain Users"
 
Administrator
testuser
bionic

Add a domain group

sudo samba-tool group add ShareWiz
 
Added group ShareWiz

NOTE: See many other options with:

samba-tool group add --help

Delete a domain group

sudo samba-tool group delete ShareWiz
 
Deleted group ShareWiz

Add/remove a member from a domain group

sudo samba-tool group addmembers ShareWiz testuser
 
Added members to group ShareWiz
sudo samba-tool group removemembers ShareWiz testuser
 
Removed members from group ShareWiz