[Samba] Automatic creation of home directories when using winbind

Mon Apr 15 08:45:02 GMT 2002

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The parth that sometimes catches people is that you have to make the
parent directory of the home directory. So if you are using :

template homedir = /home/%D/%U

You need to make /home/%D for each domain that you want to allow users from.

Of course, what would be really nice is integration with pam_mount, so
that users automatically mount a share on an existing server as their
home directory. Unfortunately, this either requires the default domain
parameter in samba-3.0-alpha, or some changes to pam_mount.

Buchan

| Message: 12
| Date: Thu, 11 Apr 2002 21:26:37 +0200 (CEST)
| From: <dj at 4ict.com>
| To: <samba at lists.samba.org>
| Subject: [Samba] Automatic creation of home directories when using winbind
|
| Hello,
|
| I've seen a couple of mails here asking how to automatically create home
| directories for users that are being added to the system by winbind.
|
| The answer is using the pam_mkhomedir module as said in response to some
| of those quesitons. But the help out a little more I've made a overview on
| the exact proceedings of setting this up:
|
| You edit the pam configuration file for Samba. On a recent RedHat
| system the directory "/etc/pam.d" contains pam configuration for all
| services that require authentication. So you edit the "samba" file in that
| directory, add this line to the file "/etc/pam.d/samba" :
|
|    session    required pam_mkhomedir.so skel=/etc/sambaskel umask=0022
|
| Because the order is important in these pam configuration files you need
| to put this line before all other lines that start with "session", but
| after the lines that start with "auth" or "account".
|
| The "skel" parameter indicates which directory is used as skeleton. This
| just means that everything that is inside the skel-directory is also
| copied to the home directory being created. The "umask" parameter sets the
| default permissions given to new files created in the home directory. See
| "man umask" for more details.
|
| Next you need to tell Samba to use this pam configuration file. This first
| of all means that Samba needs to be compiled with the "--use-pam" switch.
| This can been taken care of by the makerpms.sh script you can use to make
| a Samba rpm file.
|
| You also need the set the Samba parameter "obey pam restrictions" to yes
| in your smb.conf file. Also read the explenation about this parameter in
| the smb.conf man page to check if you also need to take care of other
| things when setting this parameter to yes.
|
| That should be it. If you added a [homes] share and login with a user that
| doesn't have a home dir on the Samba server it should be created.
|
| Enjoy it,
| Tim
|

- --
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE8uvUwrJK6UGDSBKcRAuPFAJ9yV3TMOiSEcgK26wPx8bVStHrkPwCgzKUX
WefXGVgjuTUpL/uM2nxHgU8=
=veie
-----END PGP SIGNATURE-----