[Samba] Linux users and Samba 4
geza at kzsdabas.hu
Wed Nov 30 10:18:11 MST 2011
2011-11-30 18:02 keltezéssel, steve írta:
> On 30/11/11 17:46, Adam Tauno Williams wrote:
>> On Wed, 2011-11-30 at 17:37 +0100, steve wrote:
>>> On 30/11/11 16:40, Matthieu Patou wrote:
>>>> On 30/11/2011 08:09, steve wrote:
>>>>> Yep. I realise the 'alphaness' of Samba 4 but I think I am not alone
>>>>> with my issue. I think I should be easy to fix now before it goes
>>>> Certainly true, why not trying to start working on solution on your
>>>> by doing the first move you have much more insurance that someone else
>>>> will help you to make it good for master tree.
>>> Well, I'm no developer and only have an old laptop running from a usb
>>> memory stick for testing but I've made a start by adding a home
>>> directory attribute to Samba 4 user database using phpldapadmin. But
>>> I'm stuck since I don't know where or how the roaming profiles are
>>> stored. In Samba 3 there were stored in the /home of the user.
>> The statement "In Samba 3 there were stored in the /home of the user" is
>> false. They are stored where they are configured to be stored; we do
>> not store profiles in home directories [and generall i think that is a
>> bad idea]. Samba4 provisions a shared volume for storing a user's
>> roaming profile.
>> By default something like -
>> path = /usr/local/samba/var/profiles
>> read only = no
>> Which is very much the same as S3.
>>> With AD
>>> it seems that they are all be saved in a [profiles] share.
>> Yes, and the nothing changed there.
>>> think I understand so I think the solution to single sign on with Samba
>>> 4 would be linking the roaming profile to a users /home folder.
>> No. The roaming profile is the roaming profile, the user's home
>> directory is the user's home directory. You can map a drive to their
>> home directory or use folder redirection via policy [just like in
>>> the profiles share subfolder the /home folder for Linux. With Samba3
>>> LDAP, all this was centralised and easy to administer.
>> I don't know about "easy". After many years it feels a bit more like
>>> would create an LDAP user for you and give him the Samba attributes he
>>> needed. It even created his home folder too. It was simple for a linux
>>> user to logon to windows and vica versa. Samba 4 takes away this
>>> centralisation. It also has the inconvenience of having to use windows
>>> to administer the Samba server.
>> This loss is temporary until the tool-chain catches up to Samba 4 -
>> which provides Python bindings, command line tools, and [of course] the
>> entire AD RPC approach.
>>> I feel that Samba dev's have forgotten that Linux clients are just as
>>> important as windows clients in the network. They seem to think that
>>> Linux is only ever used as a server and clients are only ever
>>> windows 7!
>> Heh, I think the current situation sucks for servers to! :) But nobody
>> has forgotten anything - it is just not there yet. A simple issue of
>> resource constraints.
>>> Another bit I don't get is where is a file that is created on a windows
>>> client is stored on the Samba server? The documentation is not clear
>>> here. As basic as that.
>> That works the same as in Samba 3.
>>> Does any of this make sense?
>> The frustration, yes, and it is shared. Getting from S3 to AD has been
>> ugly going so far. But many of your presumptions are incorrect; you
>> are assuming that things configured by your tool-chain are fundamental
>> Samba behaviors.
> OK I think I'm getting somewhere.
> I have a Samba 3 user who authenticates against LDAP. He has a /home
> folder and see his files either from a linux client or from a windows
> If I could get an answer to my next question, I'd be there:
> Starting from nothing, how would I create a new user under Samba 4 who
> could see his files on both windows and Linux clients? Under Samba 4 I
> cannot find where his /home folder comes into the equation!
> Thanks for your patience.
It is pretty well explained.
More information about the samba