[Samba] windbind, 'template homedir', and macros

Gautier, B (Bob) Bob.Gautier at rabobank.com
Wed Feb 1 10:23:59 GMT 2006 

 

> -----Original Message-----
> From: samba-bounces+bob.gautier=rabobank.com at lists.samba.org 
> [mailto:samba-bounces+bob.gautier=rabobank.com at lists.samba.org
] On Behalf Of Jonathan C. Detert
> Sent: 31 January 2006 23:25
> To: samba at lists.samba.org
> Subject: [Samba] windbind, 'template homedir', and macros
> 
> I am currently using Mssfu, nss_ldap, and pam_ldap to enable 
> my linux boxes to auth against MsA.D. and get all their user 
> info from MsA.D.
> 
> I recently discovered that winbind can accomplish the same 
> without Mssfu, as long as I'm content to be limitted by the 
> winbind config directives 'template shell' and 'template 
> homedir'.  I'd like to drop sfu if I can.
> 
> The 'template shell' limitation (all users have same login 
> shell) is no problem for me.
> 
> The 'template homedir' limitation (all users have homedir 
> defined by recognized macros) might be a problem for me: I 
> don't want all the homedirs to have the same parent dir, for 
> performance reasons.
> 
> The typical example given is 'template homedir = 
> /home/%D/%U'.  Since I only have one MsAD domain, this is 
> really equivalent for me to 'template homedir = /home/%U'.
> 
> Can anyone suggest a use of macros to spread the homedirs out 
> thru multiple hierarchies?  Does the %g macro (primary group) 
> have meaning without NIS or mssfu?

I realise you wanted to use macros, but... you could use symlinks, e.g.

/home/bob.gautier -> /home/g/bob.gautier
/home/john.doe -> /home/d/john.doe

Or whatever rule works for you.  Then just use 'template homedir =
/home/%U'.

This is very easy if you can pre-create the home directories.

If you are letting pam_mkhomedir make home directories, then users will
get a home directory in /home the first time they log in.  A cron job,
or maybe even a samba preexec or postexec script could clean that up.

Bob G

> 
> thanks
> --
> Happy Landings,
> 
> Jon Detert
> IT Systems Administrator, Milwaukee School of Engineering
> 1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
> 
_____________________________________________________________

This email (including any attachments to it) is confidential, legally privileged, subject to copyright and is sent for the personal attention of the intended recipient only. If you have received this email in error, please advise us immediately and delete it. You are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Although we have taken reasonable precautions to ensure no viruses are present in this email, we cannot accept responsibility for any loss or damage arising from the viruses in this email or attachments. We exclude any liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided in this email or its attachments, unless that information is subsequently confirmed in writing. If this email contains an offer, that should be considered as an invitation to treat.
_____________________________________________________________

More information about the samba mailing list