[Samba] winbind, ads member server and pam_mkhomedir

Charlie medievalist at gmail.com
Thu Jun 12 20:34:43 GMT 2008

This may depend on the version of samba you are running, and what your
passbd backend is.   I run LDAP, and I've had to turn off all PAM
interaction on my systems since I upgraded to 3.0.25+.  I got around
the problem of missing home directories by adding a stanza like this
to smb.conf:

        comment = %U Home Folder
        read only = No
        browseable = No
        root preexec = /bin/bash /var/lib/samba/scripts/mkhomedir.sh %U

The mkhomedir script just creates the user home directory if it isn't
already there.

Incidentally, pam_mkhomedir.so, when it works (there are lots of
broken versions around) always creates the home directory as specified
in the user's POSIX homeDirectory field - it's not going to ask samba
where to create it, it's going to look at the homeDirectory associated
with the userid.


On Tue, Jun 3, 2008 at 1:56 AM, Sebastian Ries <Sebastian.Ries at dtnet.de> wrote:
> Hi
> Am Montag, den 02.06.2008, 09:46 -0600 schrieb Jason Gerfen:
>> I am having a problem with the pam_mkhomedir.so not setting up the users
>> home directory. Relevant data:
>> /etc/pam.d/system-auth
>> session    optional     pam_mkhomedir.so umask=0022 skel=/etc/skel/
>> /etc/samba/smb.conf
>> nt acl support = yes
>> inherit permissions = yes
>> create mask = 0022
>> template homedir = /home/samba/%U
> I think you are missing
> obey pam restrictions = yes
> Regards
> Sebastian Ries
> --
> ------------------------------------------------------------
> DT Netsolution GmbH -  Talaeckerstr. 30 -  D-70437 Stuttgart
> Tel: +49-711-849910-36               Fax: +49-711-849910-936
> WEB: http://www.dtnet.de/     email: Sebastian.Ries at dtnet.de
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list