[Samba] Automatic creation of home directories when using winbind

dj at 4ict.com dj at 4ict.com
Thu Apr 11 12:28:02 GMT 2002 

Hello,

I've seen a couple of mails here asking how to automatically create home
directories for users that are being added to the system by winbind.

The answer is using the pam_mkhomedir module as said in response to some
of those quesitons. But the help out a little more I've made a overview on
the exact proceedings of setting this up:

You edit the pam configuration file for Samba. On a recent RedHat
system the directory "/etc/pam.d" contains pam configuration for all
services that require authentication. So you edit the "samba" file in that
directory, add this line to the file "/etc/pam.d/samba" :

   session    required pam_mkhomedir.so skel=/etc/sambaskel umask=0022

Because the order is important in these pam configuration files you need
to put this line before all other lines that start with "session", but
after the lines that start with "auth" or "account".

The "skel" parameter indicates which directory is used as skeleton. This
just means that everything that is inside the skel-directory is also
copied to the home directory being created. The "umask" parameter sets the
default permissions given to new files created in the home directory. See
"man umask" for more details.

Next you need to tell Samba to use this pam configuration file. This first
of all means that Samba needs to be compiled with the "--use-pam" switch.
This can been taken care of by the makerpms.sh script you can use to make
a Samba rpm file.

You also need the set the Samba parameter "obey pam restrictions" to yes
in your smb.conf file. Also read the explenation about this parameter in
the smb.conf man page to check if you also need to take care of other
things when setting this parameter to yes.

That should be it. If you added a [homes] share and login with a user that
doesn't have a home dir on the Samba server it should be created.

Enjoy it,
Tim

-- 
==============================================================================
Tim Verhoeven
                               Music Services - Michel Stoffels
GSM : 0496 / 693 453                          + Deejayteam
Email : dj at sin.khk.be                         + Sound & Light rentals
URL : www.sin.khk.be/~dj/                     + P.A. services
=========Public PGP-Key at : http://www.sin.khk.be/~dj/publickey.txt==========
          Member of Student Information Networking (www.sin.khk.be)

More information about the samba mailing list