[Samba] samba and AD integration, Two questions

Jeremy Allison jra at samba.org
Thu Jun 26 20:02:04 GMT 2008

On Wed, Jun 25, 2008 at 12:06:06PM -0500, Taylor Lewick wrote:
> Hi all.  I've set up a test SuSe 10.2 linux machine that is
> authenticating against our active directory.  Right now we just create
> users in AD, and then they can login to the unix box and using
> pam_mkhomedir.  We don't add users to the /etc/passwd file, in fact, if
> you try and add a user using useradd -m once they've been setup in AD,
> you get a message saying account already exists.
> So Kerberos, AD, Samba, PAM and Winbind are all working. 
> Right now, if a user logins to the linux box for the first time using
> ssh, it creates their home directory.  Perfect.
> But I do have two questions.
> If they login to the box by mounting the samba share via windows, i.e.
> \\servername\share two directories are created.  One for their AD
> username, and one for the machine name of their PC.  Its not a big deal,
> but is there a way to disable or stop it from creating the machine name
> directory?  We won't ever use that directory.
> Second, if for any reason we did lose connectivity to our domain
> controllers, no one could login to the Linux box since there are no
> accounts in /etc/passwd.  So is there a way to set it up so that if the
> linux machine can't talk to the domain controller, then someone could
> still login to the box?

Check out the "winbind offline logon" parameter for details on
this :



More information about the samba mailing list