4.2rc2 and winbindd and unixHomeDirectory
Rowland Penny
repenny241155 at gmail.com
Wed Oct 22 03:37:07 MDT 2014
On 22/10/14 09:44, Andrew Bartlett wrote:
> On Tue, 2014-10-21 at 09:56 +0100, Rowland Penny wrote:
>> OK, another update, the fix for bug 10852 is to change one word in
>> 'source3/winbindd/wb_fill_pwent.c' and then recompile, this gets you
>> from this:
>>
>> rowland:*:10000:10000:Rowland Penny:/home/%D/%U:/bin/false
>>
>> To this:
>>
>> rowland:*:10000:10000:Rowland Penny:/home/EXAMPLE/rowland:/bin/false
>>
>> Better, just like it was with 'winbind', but not as good as the same
>> daemon 'winbindd' on a client:
>>
>> rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
> What config do you use on that client?
>
> That same config should now work on the AD DC. I've not tested that
> however, but it would help if you could investigate this for us.
>
> Thanks,
>
> Andrew Bartlett
>
OK, here is the smb.conf from the test DC:
# Global parameters
[global]
workgroup = EXAMPLE
realm = example.com
netbios name = DEBDC
server role = active directory domain controller
dns forwarder = 8.8.8.8
idmap_ldb:use rfc2307 = yes
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind enum users = yes
winbind enum groups = yes
; winbind use default domain = yes
winbind use default domain = no
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = Yes
; winbind normalize names = Yes
winbind normalize names = no
idmap config * : backend = tdb
idmap config * : range = 2000-9999
idmap config EXAMPLE : backend = ad
idmap config EXAMPLE : range = 10000-999999
idmap config EXAMPLE : schema_mode = rfc2307
log level = 9
[netlogon]
path = /usr/local/samba/var/locks/sysvol/example.com/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
A similar smb.conf on a test client works.
Rowland
More information about the samba-technical
mailing list