[Samba] Samba + Winbind + AD homes does not work

Günter Kukkukk linux at kukkukk.com
Tue Jun 30 22:48:35 GMT 2009 

Am Dienstag, 30. Juni 2009 schrieb dale at briannassaladdressing.com:
> Florian,
> 
> Try "valid users = DOM+%S".

the more generalized form would be:
   "valid users = %D%w%S"
#        %D domain or workgroup name
#	 %w winbind separator
#	 %S current service name
Some distros use this one as default:
   "valid users = %S, %D%w%S"

Cheers, Günter

> 
> Should that fail,  also ensure that the home directories exist (as defined in "template homedir ="), and that these directories have the correct permissions.
> 
> Dale
> 
> 
> -----Original message-----
> From: florian.engelmann at bt.com
> Date: Tue, 30 Jun 2009 10:19:05 -0500
> To: samba at lists.samba.org
> Subject: [Samba] Samba + Winbind + AD homes does not work
> 
> > Hello,
> > we use winbind to connect our Linux servers to our AD what is working
> > right now and we use samba to share some Linux directories to our
> > Windows clients what is also working as intended. The only thing we were
> > not able to get running are the [homes]. The authentication seems to be
> > wrong. Here is our configuration.
> > 
> > /etc/samba/smb.conf
> > [global]
> >    netbios name = demu1glcxxxx01
> >    workgroup = DOM
> >    realm = DOM.xxx.yyy
> >    preferred master = no
> >    server string = UnixCluster
> >    security = ADS
> >    encrypt passwords = true
> >    ;password server = *
> >    password server = demu1wyyyy02
> >    allow trusted domains = no
> >    log level = 2
> >    log file = /var/log/samba/%m
> >    max log size = 1000
> >    printcap name = cups
> >    printing = cups
> >    winbind enum users = no
> >    winbind enum groups = no
> >    winbind use default domain = yes
> >    winbind nested groups = yes
> >    winbind separator = +
> >    winbind cache time = 5
> >    idmap backend = rid:DOM=100000-5000000
> >    idmap uid = 100000-10000000
> >    idmap gid = 100000-10000000
> >    template homedir = /home/%D/%U
> >    template shell = /bin/bash
> > 
> > [homes]
> >    comment = Home Direcotries
> >    ;path = /pkg/global/home/%D/%U
> >    valid users = %S
> >    ;valid users = %D+%U, engelmaf, DOM+engelmann
> >    :valid users = @DOM+de_it-operations_dam, @"DOM+domain users", %D+%U,
> > engelmaf, DOM+engelmann, %S
> >    read only = no
> >    browseable = no
> >    ;invalid users = root
> > 
> > [printers]
> >    comment = All Printers
> >    path = /var/spool/cups
> >    browseable = no
> >    printable = yes
> >    guest ok = yes
> > 
> > [dml]
> >    comment = Digital Media Library
> >    path= /pkg/tank/dml
> >    valid users = @DOM+de_it-operations_dam, @"DOM+domain users"
> >    writable=yes
> >    browseable=yes
> >    write list = @DOM+de_it-operations_dam
> > 
> > We are able to connect and write to dml but not to the home directories.
> > Any Idea what could be the problem?
> > 
> > OS: Debian Lenny
> > Samba: 3.2.5
> > 
> > Thank you for your help.
> > 
> > Regards Florian
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >

More information about the samba mailing list