Creating multiple users

NethServer Version: NethServer release 7.3.1611 (rc3)
Module: nethserver-dc (Account provider: Samba Active Directory)

Hi,

is there a syntax that would allow us to create users without going through gui?

We have lots of users on different mail servers which we would like to migrate on NethServer platform so we could use Active Directory. Creating and entering user one by one is a tiresome and time consuming job, so I was wondering is there a much quicker solution to create multiple users at once.

As we have right now, to create one user we have to create local user (often creating a group and dedicate user to some groups), create email address for this user, and then create pop3 connector for the same user. Process is quite slow as you can see, and we are looking for a solution but so far haven’t found anything that could help us.

Thank you in advance, and best wishes for the holidays.
Kind regards,
Jurica

There are multiple options to create users in batches.
If you’re going to use Active Directory, your best option is to use common windows tools, such as powershell.
I never tested it, I just found:
https://gallery.technet.microsoft.com/scriptcenter/New-User-Creation-tool-14fa73cd
If you prefer to remain on Linux, samba offers some tools:
https://wiki.samba.org/index.php/User_and_Group_management

Unfortunately, I’ve hit a roadblock when trying to use PowerShell with NethServer DC; I am not saying that’s impossible, on the contrary, just read on.

I was able to install RSAT tools and manage the NethServer DC from a Windows 10 joined to the domain machine:

• Adding OUs, users and groups, and managing them works wonderfully:
  

• Managing the DNS server (and the AD DNS zone) also works great:
  

  

  DNS.png744×470 35.5 KB

The problem that I’ve hit when trying to use PowerShell to create users, groups or , generally speaking, to create and edit Active Directory objects on the Nethserver Domain Controller is that it’s impossible to load/import the ActiveDirectory module:

ADCU_PS_Error.png778×343 9.46 KB

The error message makes sense:

WARNING: Error initializing default drive: ‘Unable to find a default server with Active
Directory Web Services running.’.

The ActiveDirectory PowerShell module uses the Active Directory Web Services (ADWS) that are running on the target Domain Controller, and we cannot expect to have this feature running on the Nethserver DC.

As a matter of fact, the ADWS were introduced with Windows Server 2008R2. I am positive that I was able to bulk create users in PowerShell before that release - with Server 2008 for example. Actually, I am working on and testing a solution, and if it works fine, I’ll post a short video about it as well.

Best regards,

Dean

And please write a documentation on the wiki, others will certainly needs your skill.

Not sure it is released but you have also this thread to read

Absolutely. I’ll update the wiki as well.

Here is an update. At first, I jumped onto the PowerShell script train. Then, I remembered that years ago there was an enthusiast, who published a very simple and free “AD Bulk Admin Tool” on sourceforge.

I gave it a try yesterday, and it works like a charm. You just need to fill in the provided excel spreadsheet, and then run the GUI tool; there is a x86 and x64 bit version, so be careful which one you start.

Regards,

Dean

Just out of interest, is there any good equivalent GUI client tool available for Linux that uses either QT, GTK or other similar API (alternatively, is there any ncurses based console tools that can be used)?

I think it doesn’t… and, if you think, it makes no sense: AD is a Windows thing, no reason and no interest to have some tool for linux

@Stefano_Zamboni
I understand that AD is a Windows protocol but I don’t see any reason why not to administrate it from a non MS based platform.

well… until last year, M$ doesn’t even aknowledge linux existence

more over, if you need AD, you need it for windows client… if you have only linux server and linux clients, you don’t need AD (ask @davidep about it )

if you have at least one windows client, you are supposed to administrate AD from it… it’s not so difficult or absurd

@Stefano_Zamboni
I agree that if only using Linux clients then it would be absurd, but if working within a mixed environment, then (if only for the sake of convince) why not have a Linux based admin tool?

I also realize that if using only Linux then it maybe more appropriate to use LDAP and an equivalent LDAP admin tool (either that or only use the NS internal interface / web based GUI).

while I’d agree with you, such kind of tool is of no interest… why should anyone waste time to create a linux AD management tool if M$ give you a native one for free?

I suppose so, I guess that you could use the MS native tools within a WINE environment.

Oh well, it was only an afterthought!

or PowerShell on linux. I just tried this for the first time (on CentOS 7):

• Downloaded powershell-6.0.0_alpha.14-1.el7.centos.x86_64.rpm from github
• yum localinstall powershell-6.0.0_alpha.14-1.el7.centos.x86_64.rpm
• Just typed powershell and checked the PS version with $PSVersionTable.PSVersion

I haven’t tried anything more complicated - just my two cents in the discussion above:

PowerShell_on_CentOS.png1041×307 6.7 KB

As an afterthought, that’s a damn good approach to migrate from a legacy windows Domain Controller - just connect and extract all groups and user accounts with their attributes from the old DC, and pipe them into the NethServer (if that works of course).

Regards,

Dean

Yes, the TSV import scripts are now documented here:

http://docs.nethserver.org/en/v7rc/accounts.html#import-users

Thanks for making it available.