[Samba] SUMMARY: Getent does not get remote users

Andrew Bartlett abartlet at samba.org
Tue Mar 9 11:36:05 GMT 2004

On Tue, 2004-03-09 at 16:33, Arno Hahma wrote: 
> On 8. Mar, 2004, at 13:42, Andrew Bartlett wrote:

>                 still other problems like having to set
>                 /homepermissions to 1777 since 
>                 PAM is apparently not run
>                 as root and cannot create home directories, if /home
>                 is not world 
>                 writable. I don't actually like this, 
>         Is this with SSH?  This is an OpenSSH bug/feature.  This pam
>         module 
> No, but with samba-3.0.2a. That is, winbindd can't create homedirs

Winbind will *never* create home directories.  

> ,unless /home 
> has been set to 1777 -mode (or subdirs in /home, if domain (%D)
> isbeing used as an additional
> level in template directory). Apparently, samba runs the
> pam-modulepam_mkhomedir.so 
> without root-permissions and creates the directory as the
> owner:groupitself.

If so configured, smbd will run PAM for account/session modules, but it
will do so with root privileges.

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040309/77a78a13/attachment.bin

More information about the samba mailing list