[Samba] Mounting home directory from Windows in Linux
Shaun J. O'Callaghan
Shaun.OCallaghan at durham.ac.uk
Thu Sep 7 15:39:31 GMT 2006
Thanks for your reply.
I've just added valid users = OUR_DOMAIN\%S but no luck.
Any user can still traverse any directory. Should the filesystem be
mounted as root? Could there be a problem with ACLs ?
We're running 3.0.10-1
Any further advice would be great.
Shaun James O'Callaghan
From: Dale Schroeder [mailto:dale at BriannasSaladDressing.com]
Sent: 07 September 2006 16:25
To: Shaun J. O'Callaghan; samba at lists.samba.org
Subject: Re: [Samba] Mounting home directory from Windows in Linux
Try "valid users = DOMAIN\%S"
Keep in mind that this parameter is broken in 3.0.23, but has been
resolved in 3.0.23c.
I'm still waiting on the updated debs so that I can upgrade.
Shaun J. O'Callaghan wrote:
I'm using samba 3.0.10-1 on RedHat Enterprise Linux 4.
I'm authentication to our PDC using Winbind and also mounting our home
directory share (from Windows) onto our main Linux server such that when
a user logs on to the Linux server, their Windows home directory is
I'm using the domain admin account to mount the home directory share,
which I feel is probably not the best way to go about doing this because
when a user logs in to their account they can "cd .." and traverse other
How should this share be correctly mounted using Samba ?
I've pasted smb.conf below, I've tried multiple arrangements of 'create
mask', 'directory mask' and 'directory security mask' even though (if
I'm right) they shouldn't be needed when using winbind.
Can anybody please shed any light on this?
workgroup = OUR_DOMAIN
server string = Linux
printcap name = /etc/printcap
load printers = yes
cups options = raw
log file = /var/log/samba/%m.log
max log size = 50
security = ads
realm = OUR_FULLY_QUALIFIED_DOMAIN
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind use default domain = yes
password server = IP_OF_PDC
comment = Home Directories
path = /home/DOMAIN/
browseable = no
create mask = 0700
directory mask = 0700
directory security mask = 0700
admin users = OUR_DOMAIN\ADMINISTRATOR
writable = yes
**valid users = DOMAIN\%S**
More information about the samba