TLDR: Can I sensible manage samba accounts in openldap with Apache Directory Studio (or other general purpose ldap editors)?
I'm currently trying to move away from GOsa as our LDAP management tool. (Also I'm changing cyrus to dovecot, but that's taken care of.) I want to get away from solutions like GOsa, because it was hard for us to enhance their software for our need while staying up to date with their code. Also the project had the latest release in 2012. I would like to edit our users with general purpose ldap interfaces like Apache Directory Studio or similar.
Since we use the directory also for storing our samba accounts, I realized that GOsa did more in that department than I thought. I don't want to manually generate the different samba password hashes (sambaLMPassword, sambaNTPassword) and the non human readable fields (sambaPwdLastSet, sambaMungedDial) myself. Also managing the ids could be something that the tool should do. Is there any way between tools like GOsa and LAM and the complete manual approach? Or do I have to use smbldap-tools on the console and edit the rest in ADS? :/
Thanks!
Edit: samba 4, but in classic mode
ADS does this somewhat but probably not to the full extent you're talking about. That said, it is open source so if you have the development time behind this it might not be that infeasible.
https://www.ldap-account-manager.org/lamcms/
LAM isn't that far off from what you're looking for, however, I would note that in my search for something similar I figured out that really what I was looking for was federated access and centralized access management. Our company will inevitably move on to SSO, so having these things in the roadmap was important.
Those tools will accomplish what you're looking for in a more programmatic fashion as you mentioned.