[Samba] pam_mkhomdir.so is creating machine folders when used
bsmoke at lapo.state.ar.us
Fri Sep 30 16:02:04 GMT 2005
I have tried changing the valid users on the [homes] share to %D+%u,
instead of leaving the default, thinking it might be trying %S, which
might have been causing the machine name folders to be created,
that was not it,
I tried changing the location of the pam_mkhomedir.so session string.
I moved it to /etc/pam.d/samba,
I moved it to the last string in system-auth,
nothing has made a difference.
I can't find a pam option to keep this from happening,
and I did find a samba thread on this list about this being by design,
and they eventually went with a pre-exec script.
I see a ton of pam_mkhomedir threads on the samba list,
but none of them mention the machine name directory getting created, and
how to prevent it.
Any help would be greatly appreciated.
From: samba-bounces+bsmoke=lapo.state.ar.us at lists.samba.org
[mailto:samba-bounces+bsmoke=lapo.state.ar.us at lists.samba.org] On Behalf
Of Barry Smoke
Sent: Thursday, September 29, 2005 10:22 AM
To: samba at lists.samba.org
Subject: [Samba] pam_mkhomdir.so is creating machine folders when used
Hello Samba Users,
I recently found out about pam_mkhomedir.so, and now use it on a couple
of servers. It works great,
except that it is constantly creating directories for the machines that
is my problem in my pam config, or my samba config?
What can I do to keep this from happening?
here is my config
workgroup = audit
netbios name = Storage1
server string = Storage1
security = ADS
encrypt passwords = yes
realm = AUDIT.LOCAL
obey pam restrictions = yes
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
winbind use default domain = yes
use sendfile = yes
log level = 1 passdb:5 auth:1 winbind:1
template homedir = /data/%D/%U
#template shell = /bin/bash
time server = yes
comment = Home Directories
#valid users = %S
read only = no
browseable = no
vfs objects = recycle:keeptree
[root at localhost pam.d]# cat system-auth
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
password required /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok
use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
session sufficient /lib/security/$ISA/pam_mkhomedir.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
AR Division of Legislative Audit
To unsubscribe from this list go to the following URL and read the
More information about the samba