getent gives different info
steve
steve at steve-ss.com
Tue Aug 21 10:51:04 MDT 2012
On 21/08/12 17:54, Rowland Penny wrote:
> On 21/08/12 16:28, steve wrote:
>> On 21/08/12 15:10, Rowland Penny wrote:
>>> On 21/08/12 13:49, Gémes Géza wrote:
>>>> 2012-08-21 13:21 keltezéssel, Rowland Penny írta:
>>>>> Hi, can somebody explain to me why Samba 4 getent returns different
>>>>> info compared to Samba 3.6.3?
>>>>>
>>>>> If I run the command 'getent passwd student1' on the Samba 4 server I
>>>>> get:
>>>>>
>>>>> HOME\student1:*:3000039:3000036::/home/HOME/student1:/bin/bash
>>>>>
>>>>> But the same command on a Samba 3.6.3 client gives:
>>>>>
>>>>> student1:*:3000039:3000036::/home2/students/7a/student1:/bin/bash
>>>>>
>>>>> I understand the addition of the domain at the start of the Samba 4
>>>>> info line, but why does it return a different (and incorrect) home
>>>>> directory? All the info returned by Samba 3.6.3 is correct.
>>>>>
>>>>> Rowland
>>>>>
>>>>>
>>>>>
>>>> Hi,
>>>>
>>>> The difference is caused by the different behavior of winbind from
>>>> samba3 and the winbind integrated into the samba binary from samba4.
>>>> The latter doesn't support retrieving homes and shells from the
>>>> directory and relies on the template homedir and template shell
>>>> variable instead. Andrew Bartlett said this behavior will be changed
>>>> (repaired) only after samba4 will be released in a (hopefully not too
>>>> far) point release.
>>>>
>>>> Regards
>>>>
>>>> Geza Gemes
>>>>
>>>>
>>> Thanks, also I take it that when you say template homedir and template
>>> shell, you mean the lines that can be added to smb.conf.
>>>
>>> Rowland
>>>
>>>
>> Hi Rowland
>> That's why on the DC we use nss-pam-ldap for mapping. With
>> winbind use default domain = Yes
>> on the Samba3 box, you will get _exact_ mappings. Unfortunately, as
>> Géza says, winbind in the samba binary isn't ready to pull home
>> directories from LDAP yet. That's why we went with nslcd/ldapd from
>> the start.
>> HTH
>> Cheers,
>> Steve
>>
>>
>>
> Hi Steve, the way you are working needs to get the mappings on the
> server, I on the other hand, using libpam-mount & winbind, use the
> unixhomedirectory pulled by samba 3.6.3 on the client, I get the correct
> homedirectory for the user without the use of symlinks.
>
> Rowland
>
Hi Rowland
No symlinks here, just that we do things in a slightly different way.
What we see on the server is wysiwyg on the clients too. We went with
nss-pam-ldapd because we get perfect server to client mapping. If I see
steve2:Domain Users
on the DC, I also see
steve2:Domain Users on the clients.
Our main problem with pam-mount was that unless you have some network
mounted shares already, the user gets his home directory and nothing
else. We went with NFS for the Linux side because we can mimik the samba
file shares exactly. Just two ways of doing what is the same thing I
suppose.
Cheers,
Steve
More information about the samba-technical
mailing list