john wrote, On 15-07-2007 20:19:
> Hi all,
> I hope this is an easy one:
> We've just set up a samba server and we're using winbind
> with the idmap_rid backend option to authenticate users
> via AD. So far so good! Now we want Windows users to have
> their home shares on the samba server.
> When Winbind pulls a list of users from AD it appears to
> use the template homedir option in our smb.conf to figure
> out where users' home directories should be located (Am I
> wrong about this?) This relationship seems to get "hard
> coded" into the idmap.

	I wouldn't say "hard coded", I would say it has a
default value /home/%D/%U

> My question is can the smb.conf Global Option "template 
> homedir =" be used to allow users to log in to their
> home dir if /home isn't flat? Is there another way to do
> this?

	Yes, 'template homedir' can be used to change the
value, but I'm not sure if it will work for you, because
you have years in the template.

	You could use an "envvar":

          the value of the environment variable envar.

	But I'm not sure how you would tell samba on
a per-user basis about that, except by my suggestion
below to use primary groups.

> We have about 1500 hundred kids whose home directories 
> should look like /home/graduationYear/studentName
> So student a's home directory should look like:
>  /home/2008/astudent
> and student b's might be:
>  /home/2009/bstudent

	That's the point, I don't know how you could use
a variable for the "year".  /home/$year/%U, not sure but
maybe you can have your students in the primary group of
their graduation year and use that as a variable:


	template homedir = /home/%G/%U

	astudent primary group is g2008
	bstudent primary group is g2009

> Would it be better to just leave out template homedir, remove the
> tdb's and rebind to windows? What would SAMBA's process be to map
> windows users to unix home directories then?

	Not sure about that, but I think if you can afford
that change, you could opt to change the primary groups and
go with the above solution or something similar. Check the
variables available in smb.conf.

> Perhaps the real solution is to create shares like this:
> [2007]
>       path = /home/students/2007
>       valid users = %S
>       readonly = no
>       writable = yes
>       printable = no
>       create mode = 0600
>       directory mode = 0600
> [2008]
>       path = /home/students/2008
>       valid users = %S
>       readonly = no
>       writable = yes
>       printable = no
>       create mode = 0600
>       directory mode = 0600

	Uhhh... sorry, that's ugly and will give you
a lot of work every year, the group approach seems
to be more maintainable. ;)

> Any advice would be appreciated!
> Thanks!
> John

	Hope this helps.
	Kind regards,
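
An added example, not part of the original message: a pre-flight check for the primary-group approach suggested above. It expands `/home/%G/%U` for a list of accounts and flags any whose primary group is not a year group, since those would land outside the intended layout. The account list, the `g<year>` naming pattern, the `SCHOOL` domain and the function names are assumptions, and the expansion is a simplified stand-in for Samba's own substitution.

```python
import posixpath
import re

TEMPLATE = "/home/%G/%U"                      # template suggested in the reply
YEAR_GROUP = re.compile(r"^g\d{4}$")          # assumed naming, after g2008 / g2009
SAFE_NAME = re.compile(r"^[A-Za-z0-9._-]+$")  # assumed policy: no separators or spaces


def expand(template, user, group, domain="SCHOOL"):
    """Substitute %U, %G and %D (simplified; not Samba's implementation)."""
    subs = {"%U": user, "%G": group, "%D": domain}
    return re.sub(r"%[UGD]", lambda m: subs[m.group(0)], template)


def audit(accounts, template=TEMPLATE, base="/home"):
    """Return (homes, problems) for an iterable of (user, primary_group)."""
    homes, problems = {}, []
    for user, group in accounts:
        if not SAFE_NAME.match(user) or user in (".", ".."):
            problems.append((user, "unsafe user name"))
            continue
        if not YEAR_GROUP.match(group):
            problems.append((user, "primary group %r is not a year group" % group))
            continue
        path = posixpath.normpath(expand(template, user, group))
        # Defence in depth: the expanded path must stay below the base directory.
        if not path.startswith(base + "/"):
            problems.append((user, "home %r escapes %s" % (path, base)))
            continue
        homes[user] = path
    return homes, problems


# Constructed sample accounts: (user name, primary group).
SAMPLE = [
    ("astudent", "g2008"),
    ("bstudent", "g2009"),
    ("cstudent", "Domain Users"),   # primary group never changed
    ("../etc", "g2008"),            # name that would traverse out of /home
]

if __name__ == "__main__":
    homes, problems = audit(SAMPLE)
    for user, path in sorted(homes.items()):
        print("ok      %-10s %s" % (user, path))
    for user, reason in problems:
        print("review  %-10s %s" % (user, reason))
```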
