[Samba] Mounting home directory from Windows in Linux

Dale Schroeder dale at BriannasSaladDressing.com
Thu Sep 7 15:25:09 GMT 2006 

Try "valid users = DOMAIN\%S"
Keep in mind that this parameter is broken in 3.0.23, but has been 
resolved in 3.0.23c.
I'm still waiting on the updated debs so that I can upgrade.

Dale

Shaun J. O'Callaghan wrote:
> Hi All,
>
>  
>
> I'm using samba 3.0.10-1 on RedHat Enterprise Linux 4.
>
>  
>
> I'm authentication to our PDC using Winbind and also mounting our home
> directory share (from Windows) onto our main Linux server such that when
> a user logs on to the Linux server, their Windows home directory is
> mounted also.
>
>  
>
> I'm using the domain admin account to mount the home directory share,
> which I feel is probably not the best way to go about doing this because
> when a user logs in to their account they can "cd .." and traverse other
> user accounts.
>
>  
>
> How should this share be correctly mounted using Samba ?
>
>  
>
> I've pasted smb.conf below, I've tried multiple arrangements of 'create
> mask', 'directory mask' and 'directory security mask' even though (if
> I'm right) they shouldn't be needed when using winbind.
>
>  
>
> Can anybody please shed any light on this?
>
>
> Kind Regards,
>
>  
>
> Shaun O'Callaghan
>
>  
>
>  
>
> smb.conf
>
>  
>
> [global]
>
>    workgroup = OUR_DOMAIN
>
>    server string = Linux
>
>    printcap name = /etc/printcap
>
>    load printers = yes
>
>    cups options = raw
>
>    log file = /var/log/samba/%m.log
>
>    max log size = 50
>
>    security = ads
>
>    realm = OUR_FULLY_QUALIFIED_DOMAIN
>
>    encrypt passwords = yes
>
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
>    dns proxy = no
>
>  
>
>    idmap uid = 16777216-33554431
>
>    idmap gid = 16777216-33554431
>
>    template shell = /bin/bash
>
>    winbind use default domain = yes
>
>    password server = IP_OF_PDC
>
>  
>
> [homes]
>
>    comment = Home Directories
>
>    path = /home/DOMAIN/
>
>    browseable = no
>
>    create mask = 0700
>
>    directory mask = 0700
>
>    directory security mask = 0700
>
>    admin users = OUR_DOMAIN\ADMINISTRATOR
>
>    writable = yes
>
>    ***valid users = DOMAIN\%S***
>
>

More information about the samba mailing list