[Samba] winbind: homeDirectory being ignored
Stéphane PURNELLE
stephane.purnelle at corman.be
Tue Jun 24 08:42:15 MDT 2014
I don't retrieve the source and solution n samba wiki page, but I know
that there are a trick about home directory management and winbind
Maybe check template homedir (G) in smb.conf
-----------------------------------
Stéphane PURNELLE Admin. Systèmes et Réseaux
Service Informatique Corman S.A. Tel : 00 32 (0)87/342467
samba-bounces at lists.samba.org wrote on 24/06/2014 14:41:35:
> De : Brian Candler <b.candler at pobox.com>
> A : samba at lists.samba.org,
> Date : 24/06/2014 14:42
> Objet : [Samba] winbind: homeDirectory being ignored
> Envoyé par : samba-bounces at lists.samba.org
>
> Something strange here. User created using:
>
> root at dc1:~# samba-tool user add user7 Abcd1234 --uid-number=1007
> --home-directory=/home/user7 --login-shell=/bin/bash
> User 'user7' created successfully
>
> I can see the homeDirectory attribute in the entry. But the home
> directory that winbind returns is just the template one:
>
> root at adclient:~# getent passwd user7
> user7:*:1007:70001:user7:/home/ADTEST/user7:/bin/bash
>
> Here is /etc/samba/smb.conf on the adclient machine:
>
> --- 8< ---
> [global]
>
> #netbios name = adclient
> workgroup = ADTEST
> security = ADS
> realm = ADTEST.INT.EXAMPLE.NET
> encrypt passwords = yes
> kerberos method = secrets and keytab
>
> idmap config *:backend = tdb
> idmap config *:range = 70001-80000
> idmap config ADTEST:backend = ad
> idmap config ADTEST:schema_mode = rfc2307
> idmap config ADTEST:range = 500-40000
>
> winbind nss info = rfc2307
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
> --- 8< ---
>
> This is based on
> https://wiki.samba.org/index.php/
> Setup_a_Samba_AD_Member_Server#Set_up_a_basic_smb.conf
> (and notice that it includes "winbind nss info = rfc2307")
>
> The full LDAP record is below. Both machines are ubuntu 14.04, Samba
4.1.6.
>
> Any ideas what I'm doing wrong?
>
> Thanks,
>
> Brian.
>
> ------------
> root at dc1:~# ldapsearch -b
> CN=user7,CN=users,DC=adtest,DC=int,DC=example,DC=net
> SASL/GSSAPI authentication started
> SASL username: user at ADTEST.INT.EXAMPLE.NET
> SASL SSF: 56
> SASL data security layer installed.
> # extended LDIF
> #
> # LDAPv3
> # base <CN=user7,CN=users,DC=adtest,DC=int,DC=example,DC=net> with scope
> subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # user7, Users, adtest.int.example.net
> dn: CN=user7,CN=Users,DC=adtest,DC=int,DC=example,DC=net
> cn: user7
> instanceType: 4
> whenCreated: 20140624123352.0Z
> whenChanged: 20140624123352.0Z
> uSNCreated: 4281
> name: user7
> objectGUID:: XX+EJB9AHk+JuLSU5PkJDA==
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> homeDirectory: /home/user7
> badPasswordTime: 0
> lastLogoff: 0
> lastLogon: 0
> primaryGroupID: 513
> objectSid:: AQUAAAAAAAUVAAAAZ5nUF79P8gY2aC90ZAQAAA==
> accountExpires: 9223372036854775807
> logonCount: 0
> sAMAccountName: user7
> sAMAccountType: 805306368
> userPrincipalName: user7 at adtest.int.example.net
> objectCategory:
> CN=Person,CN=Schema,CN=Configuration,DC=adtest,DC=int,DC=examp
> le,DC=net
> uidNumber: 1007
> loginShell: /bin/bash
> objectClass: top
> objectClass: posixAccount
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> pwdLastSet: 130480868320000000
> userAccountControl: 512
> uSNChanged: 4285
> distinguishedName: CN=user7,CN=Users,DC=adtest,DC=int,DC=example,DC=net
>
> # search result
> search: 5
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list