[Samba] Cross domain and user home questions.

Trimble, Ronald D Ronald.Trimble at unisys.com
Fri Feb 3 15:00:46 GMT 2006


Thank you in advance for any help anyone may be able to provide with the
following issues I am experiencing.

 

The first is authenticating users across domains.  I have successfully
configured Samba to use an AD domain, but when I try to authenticate
another user form another domain in the same tree, I get various errors.
Can anyone shed some light on what I may be doing wrong or help me
configure this?

 

Here are the important settings from my smb.conf.

 

[global]

        workgroup = NA

        realm = NA.UIS.UNISYS.COM

        netbios name = servername

        encrypt passwords = yes

        security = ADS

        password server = IPaddress

        passdb backend = smbpasswd

        log level = 0

        syslog = 0

        log file = /var/log/samba/%m.log

        max log size = 50

        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

#       winbind separator = +

        winbind use default domain = no

        winbind uid = 16777216-33554431

        winbind gid = 16777216-33554431

        winbind enum users = yes

        winbind enum groups = yes

        template homedir = /home/%D/%U

        template shell = /bin/bash

        admin users = root, IDs

        nt acl support = yes

        map acl inherit = yes

 

As you can see from the config, I am a member of the NA domain.  I have
no issues with users in this domain and everything works as it should.
The problem comes when I try to authenticate users of our other
domains... for example EU.  Our tree looks like this:

 

UIS.UNISYS.COM

  |_> NA.UIS.UNISYS.COM

  |_> EU.UIS.UNISYS.COM

  |_> etc..

 

The second issue I have is related to user home directories.  I have it
set up so that when a user views the SMB shares on the server, they can
see their home directory.  The problem is that if the directory is not
created ahead of time, what they are seeing is not real.  The directory
is not being created automatically.  How can I set this up?  Here is the
[homes] section of my smb.conf.

 

[homes]

        comment = Home Directories (RW)

        valid users = %D\%S

        browseable = No

        read only = No

        create mask = 0660

        directory mask = 0770

 

Thanks again for any help you may provide.



More information about the samba mailing list