[Samba] Mounting home directory from Windows in Linux

Shaun J. O'Callaghan Shaun.OCallaghan at durham.ac.uk
Thu Sep 7 15:39:31 GMT 2006



Thanks for your reply.


I've just added valid users = OUR_DOMAIN\%S but no luck.


Any user can still traverse any directory.  Should the filesystem be
mounted as root?  Could there be a problem with ACLs ?


We're running 3.0.10-1


Any further advice would be great.


Kind Regards,


Shaun James O'Callaghan




From: Dale Schroeder [mailto:dale at BriannasSaladDressing.com] 
Sent: 07 September 2006 16:25
To: Shaun J. O'Callaghan; samba at lists.samba.org
Subject: Re: [Samba] Mounting home directory from Windows in Linux


Try "valid users = DOMAIN\%S"
Keep in mind that this parameter is broken in 3.0.23, but has been
resolved in 3.0.23c.
I'm still waiting on the updated debs so that I can upgrade.


Shaun J. O'Callaghan wrote: 

Hi All,
I'm using samba 3.0.10-1 on RedHat Enterprise Linux 4.
I'm authentication to our PDC using Winbind and also mounting our home
directory share (from Windows) onto our main Linux server such that when
a user logs on to the Linux server, their Windows home directory is
mounted also.
I'm using the domain admin account to mount the home directory share,
which I feel is probably not the best way to go about doing this because
when a user logs in to their account they can "cd .." and traverse other
user accounts.
How should this share be correctly mounted using Samba ?
I've pasted smb.conf below, I've tried multiple arrangements of 'create
mask', 'directory mask' and 'directory security mask' even though (if
I'm right) they shouldn't be needed when using winbind.
Can anybody please shed any light on this?
Kind Regards,
Shaun O'Callaghan
   workgroup = OUR_DOMAIN
   server string = Linux
   printcap name = /etc/printcap
   load printers = yes
   cups options = raw
   log file = /var/log/samba/%m.log
   max log size = 50
   security = ads
   encrypt passwords = yes
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   dns proxy = no
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   template shell = /bin/bash
   winbind use default domain = yes
   password server = IP_OF_PDC
   comment = Home Directories
   path = /home/DOMAIN/
   browseable = no
   create mask = 0700
   directory mask = 0700
   directory security mask = 0700
   writable = yes
   **valid users = DOMAIN\%S**

More information about the samba mailing list