[Samba] winbind, ads member server and pam_mkhomedir
Charlie
medievalist at gmail.com
Thu Jun 12 20:34:43 GMT 2008
This may depend on the version of samba you are running, and what your
passbd backend is. I run LDAP, and I've had to turn off all PAM
interaction on my systems since I upgraded to 3.0.25+. I got around
the problem of missing home directories by adding a stanza like this
to smb.conf:
[homes]
comment = %U Home Folder
read only = No
browseable = No
root preexec = /bin/bash /var/lib/samba/scripts/mkhomedir.sh %U
The mkhomedir script just creates the user home directory if it isn't
already there.
Incidentally, pam_mkhomedir.so, when it works (there are lots of
broken versions around) always creates the home directory as specified
in the user's POSIX homeDirectory field - it's not going to ask samba
where to create it, it's going to look at the homeDirectory associated
with the userid.
--Charlie
On Tue, Jun 3, 2008 at 1:56 AM, Sebastian Ries <Sebastian.Ries at dtnet.de> wrote:
> Hi
>
> Am Montag, den 02.06.2008, 09:46 -0600 schrieb Jason Gerfen:
>> I am having a problem with the pam_mkhomedir.so not setting up the users
>> home directory. Relevant data:
>>
>> /etc/pam.d/system-auth
>> session optional pam_mkhomedir.so umask=0022 skel=/etc/skel/
>>
>> /etc/samba/smb.conf
>> nt acl support = yes
>> inherit permissions = yes
>> create mask = 0022
>> template homedir = /home/samba/%U
>
> I think you are missing
> obey pam restrictions = yes
>
> Regards
> Sebastian Ries
>
> --
> ------------------------------------------------------------
> DT Netsolution GmbH - Talaeckerstr. 30 - D-70437 Stuttgart
> Tel: +49-711-849910-36 Fax: +49-711-849910-936
> WEB: http://www.dtnet.de/ email: Sebastian.Ries at dtnet.de
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list