[Samba] Help configuring Samba-3 to share $HOME directories

Chris Heller tomaco at gmail.com
Thu Feb 10 14:20:45 GMT 2005

I'm looking for help configuring Samba-3 to allow me to share out home
directories from a UNIX host to Windows XP clients so that my Windows
domain users can read and write to their home directories on the UNIX

I've attempted to follow the examples in "Samba-3 by Example" to no
success. I've also followed the tutorial:
http://bob.rasey.net/archives/000137.html, which got me pretty far, but
not far enough.

Right now I can get to the point where I can browse to the Samba server
on the Windows network, and view my home directory share. But the only
way I can connect to the server is if I change the UNIX permission on
the directory to 755.

This is not the behavior I want.

Ideally I want to allow users to have a UNIX account, independent of
their Windows domain account. I would like a user who has authenticated
themselves on the domain to be able to browse out to a server and view
the home directory of the UNIX account with the same account name (or
properly mapped via smbusers). I also want the home directory to be the
one listed in /etc/passwd and not constructed from the username and the
'template homedir' directive.

Unfortunately this 'template homedir' directive seems necessary
otherwise Samba tries to chdir to /home/DOMAIN/user.

With Samba-2 this was possible, and quite simple, and I'd like to be
able to work this in Samba-3 as well.

Is this possible?

I've included the smb.conf and krb5.conf for my Samba-3 server, and
also the smb.conf for my working Samba-2 server.

=== Samba-3 smb.conf ===

# Samba 3.0.9
        workgroup = DOMAIN
        realm = DOMAIN.COM
        server string = Samba3 Server
        security = ADS
        username map = /etc/samba/smbusers
        log level = 3
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = No
        wins server =
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind use default domain = Yes

        comment = Home Directories
        read only = No
        create mask = 0664
        directory mask = 0775
        browseable = No

=== krb5.conf ===

        default_realm = DOMAIN.COM

        DOMAIN.COM = {
                kdc = ads1.domain.com

        .DOMAIN.com = DOMAIN.COM
        DOMAIN.com = DOMAIN.COM

=== Samba-2 smb.conf ===
# Samba 2.2.7
   workgroup = DOMAIN
   server string = Samba2 Server
   log file = /var/log/samba/%m.log
   max log size = 0
   security = server
   password server = ads1
   encrypt passwords = yes
   username map = /etc/samba/smbusers
   obey pam restrictions = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   local master = no

   comment = Home Directories
   browseable = no
   writable = yes
   valid users = %S
   create mode = 0664
   directory mode = 0775


More information about the samba mailing list