[Samba] automatically create home directories

Romeo Theriault romeotheriault at fastmail.fm
Tue Jun 14 20:00:20 GMT 2005

I have a Suse 9.1 Enterprise Server connected to our Windows 2003 Active
Directory Domain for use a file server, housing peoples home(backup)
directories. The Suse box is connected to AD with winbind and it's
connected fine. The problem is that when I create a user on the windows
box it's not creating a home directory in Linux. It says I don't have
create access on the server when I try to map them a drive. I'm not sure
what the problem is but I think it's with my pam authentication of with
my smb.conf file.

Here is my smb.conf:


#global options needed to communicate with Active Directory
unix charset = LOCALE
ads server = (ip goes here)
workgroup = NEWDOMAIN
server string = SambaT
security = ADS
password server = *
encrypt passwords = yes
invalid users = root bin daemon adm sync shutdown halt mail news uucp operator gopher

#winbind configuration

idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
winbind enum users=yes
winbind enum groups=yes
template homedir = /home/%U
#this makes it so they don't have shell logon accounts.
template shell = /bin/false

comment = Home Directories
path = /home/%U
#user = @"NEWDOMAIN+domain users"
browseable = No
writeable= yes

and here is the pam.d samba file:

auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_winbind.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok use_first_pass
auth        required      /lib/security/pam_deny.so

account     sufficient    /lib/security/pam_winbind.so
account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3 minlen=2 dcredit=0 ucredit=0
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0022 
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

Thank you, I appreciate any help. I've been beating my head against the wall on this one.

More information about the samba mailing list