[Samba] SUMMARY: Getent does not get remote users
Arno Hahma
arno at jyu.fi
Mon Mar 8 09:00:34 GMT 2004
The problem was solved. Thanks to Stefan Günther for help and for
providing a working
smb.conf excerpt, which helped to trace the problem.
It turned out I had configured samba just right. The problem was, that
samba was not
compiled with ldap -support and winbindd simply did not ask for users
from the active directory domain controller. This was due to the fact,
that Gentoo Linux ebuild did not enable all the needed modules. All
problems disappeared after I recompiled samba-3.0.2a manually with all
the necessary configure --with -switches.
The other problem with creating users' home directories was solved as
well. It also turned out
I had configured PAM just right. The key to success is the keyword
"obey pam restrictions = yes"
in smb.conf. If that is not set, samba ignores PAM directives and
that's it. Of course, there are
still other problems like having to set /home permissions to 1777 since
PAM is apparently not run
as root and cannot create home directories, if /home is not world
writable. I don't actually like this,
since local shell users can create files directly on /home, which may
or may not be a problem. Also, PAM can only create one level of
directories, that is, the base dir must exist before this will work.
Thus, if you set "template homedir = /home/%D/%U" in smb.conf, make
sure the
directory %D exists in advance!
--
ArNO
2
More information about the samba
mailing list