[Samba] Automatic creation of home directories when using winbind

Thu Apr 11 17:02:01 GMT 2002

Thanks for your post - do you know if thus will only work if you use
winbind?

I have my unix boxes using an LDAP passwd/group backend using the
pam_ldap/nss_ldap combo and have samba set to use the same database.  This
works great and allows me to have all user info in one place without the
need for winbind.

The reason I haven't wanted winbind is the usernames (user+domain) you use
under unix and the comment in the doc about dynamically created RIDs and if
the mapping list gets corrupted then your screwed.

Back to my question - do you know if the /etc/pam.d/samba file is used only
by the winbind daemon, or does does samba itself use this (and thus can
create the dirs).

I am running redhat 7.2 and have the pam_mkhomedir entry in the session line
in the /etc/pam.d/system-auth file.  I currently have no /etc/pam.d/samba
file.

Regards,

Warwick Smith
Electronic Services Officer / Webmaster
Email: warwick at imvs.sa.gov.au
Web:   http://www.imvs.sa.gov.au
Tel:   +61 8 82223832
Fax:   +61 8 82223147

* If it's never finished, you can't prove it doesn't work. *

> -----Original Message-----
> From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]On
> Behalf Of dj at 4ict.com
> Sent: Friday, 12 April 2002 4:57 AM
> To: samba at lists.samba.org
> Subject: [Samba] Automatic creation of home directories when using
> winbind
>
>
> Hello,
>
> I've seen a couple of mails here asking how to automatically create home
> directories for users that are being added to the system by winbind.
>
> The answer is using the pam_mkhomedir module as said in response to some
> of those quesitons. But the help out a little more I've made a overview on
> the exact proceedings of setting this up:
>
> You edit the pam configuration file for Samba. On a recent RedHat
> system the directory "/etc/pam.d" contains pam configuration for all
> services that require authentication. So you edit the "samba" file in that
> directory, add this line to the file "/etc/pam.d/samba" :
>
>    session    required pam_mkhomedir.so skel=/etc/sambaskel umask=0022
>
> Because the order is important in these pam configuration files you need
> to put this line before all other lines that start with "session", but
> after the lines that start with "auth" or "account".
>
> The "skel" parameter indicates which directory is used as skeleton. This
> just means that everything that is inside the skel-directory is also
> copied to the home directory being created. The "umask" parameter sets the
> default permissions given to new files created in the home directory. See
> "man umask" for more details.
>
> Next you need to tell Samba to use this pam configuration file. This first
> of all means that Samba needs to be compiled with the "--use-pam" switch.
> This can been taken care of by the makerpms.sh script you can use to make
> a Samba rpm file.
>
> You also need the set the Samba parameter "obey pam restrictions" to yes
> in your smb.conf file. Also read the explenation about this parameter in
> the smb.conf man page to check if you also need to take care of other
> things when setting this parameter to yes.
>
> That should be it. If you added a [homes] share and login with a user that
> doesn't have a home dir on the Samba server it should be created.
>
> Enjoy it,
> Tim
>
> --
> ==================================================================
> ============
> Tim Verhoeven
>                                Music Services - Michel Stoffels
> GSM : 0496 / 693 453                          + Deejayteam
> Email : dj at sin.khk.be                         + Sound & Light rentals
> URL : www.sin.khk.be/~dj/                     + P.A. services
> =========Public PGP-Key at :
http://www.sin.khk.be/~dj/publickey.txt==========
          Member of Student Information Networking (www.sin.khk.be)

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba