[Samba] home template not expanding for winbind (repost)

Mon Sep 27 16:19:04 GMT 2004

Hi

Repost of an earlier question, getting desperate here, Googled, searched
mailing lists, but no solution yet...

Anyway, I have a RH EL 3 server running Samba 3.0.7 that joins a NT 4 domain
and uses winbind to enable SSO and all that good stuff.

All seems fine, joins domain OK, wbinfo -u, wbinfo -g, getent passwd, getent
group all seems to work fine

I have home template = /home/winnt/%D/%U in smb.conf and  'getent passwd'
lists all users in the NT domains (there are several trusted domains).. with
the home directory expanded properly e.g.

ALPHA+fred:x:100001:10001:Fred Smith:/home/winnt/ALPHA/fred:

and so on...

and users can access samba shares from their PC's fine (but not there [home]
share for reasons detailed below)..

Once they have done so (accessed samba from their PC), when if I type
'getent passwd fred' then it lists

fred:x:10001:99:Fred Smith:/home/winnt/%D/%U:

i.e. without the home template expanded, and in group 99 (nobody) i.e. not
in the previously listed by 'getent passwd'... NB. If I typed 'getent passwd
fred' before they accessed the share I got nothing(!?)

Any ideas why it is doing this?

This is a major stumbling block as far as this implementation is concerned
for 2 reasons :-

1. They have 20,000 users (yes 20,000!) in the trusted domains  and I'm
going to need a way of creating home shares (any clues on how to do this BTW
apart from pam_mkhomedir which ISTR requires that they telnet/ssh in 1st,
which can't be guaranteed) and home directories automatically when they are
accessed (users come and go frequently enough) so just creating them all
isn't good enough.

2. They will need to login to the Linux server using telnet/ssh... I've done
the necessary to /etc/pam.d/login for testing with telnet (not exactly as
shown on pp. 346/347 of TOSHARG although that's a different story with it's
own problems that I'll address next) and although I can login as fred I get
'No directory /home/winnt/%D/%U' and I'm dumped in /...

As I say, this is a real killer on installation of this server, I've hunted
high and low but found nothing that gives any clues...

All help appreciated..

BTW, nscd definitely *isn't* running...

TIA

--
Tony Scholes
tonys at beacon.co.uk

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.766 / Virus Database: 513 - Release Date: 17/09/2004