[Samba] Automatic creation of home directories when using winbind

[Andrew Bartlett]

Warwick Smith wrote:
> 
> Thanks for your post - do you know if thus will only work if you use
> winbind?
> 
> I have my unix boxes using an LDAP passwd/group backend using the
> pam_ldap/nss_ldap combo and have samba set to use the same database.  This
> works great and allows me to have all user info in one place without the
> need for winbind.

It works regardless - it only cares about a user not having their home
dir.

> The reason I haven't wanted winbind is the usernames (user+domain) you use
> under unix and the comment in the doc about dynamically created RIDs and if
> the mapping list gets corrupted then your screwed.
> 
> Back to my question - do you know if the /etc/pam.d/samba file is used only
> by the winbind daemon, or does does samba itself use this (and thus can
> create the dirs).

It is used only by smbd, winbind won't call it.  Users should get a
homedir on first login, via the program that logs them in.

> I am running redhat 7.2 and have the pam_mkhomedir entry in the session line
> in the /etc/pam.d/system-auth file.  I currently have no /etc/pam.d/samba
> file.

You will need to setup that file, make it look like the others in the
/etc/pam.d/ directory.  You will also need to set 'obey pam restrictions
= yes' in your smb.conf

Add it to your system-auth file, so all login methods catch it.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net