[Samba] samba home folder share
Jorell
JorellF at fastmail.net
Mon May 14 08:04:51 MDT 2012
On 5/14/2012 6:42 AM, Muhammad Yousuf Khan wrote:
> On Sun, May 13, 2012 at 9:38 PM, Jorell<JorellF at fastmail.net> wrote:
>> On 5/10/2012 11:19 PM, Muhammad Yousuf Khan wrote:
>>>
>>> i am u sing AD integrated Samba with winbind,I need to share a samba
>>> home folder for every single user in my Active directory. since i dont
>>> wanna create every user's directory i want samba to manage it. however
>>> i dont wanna place the home folders on default path as the boot drive
>>> (/dev/sda) is very small to store the data, beside that, i do have
>>> storage /nas/users which is a mount point of my raid array. so
>>> specifically every user's home folder should be created on /nas/users
>>> and this is my home share details in samba.
>>>
>>> [homes]
>>> comment = Home Directories
>>> browseable = yes
>>> writeable = yes
>>> create mask = 0700
>>> directory mask = 0700
>>> valid users = %S
>>>
>>> after sharing i can see two folders on the samba share
>>> 1. admin (which is my valid user and i was expecting this)
>>> 2. home ( this is some thing making me confuse, it shouldn't suppose
>>> to be there )
>>>
>>> however, when i click on both folders it gives me an error
>>>
>>> "you might not have permission to use this network resource ......
>>> Blah blah blah"[global]
>>>
>>> workgroup = xxxx
>>> realm = xxxx.COM
>>> netbios name = nasbox
>>> server string = %h server
>>> security = ADS
>>> obey pam restrictions = Yes
>>> pam password change = Yes
>>> passwd program = /usr/bin/passwd %u
>>> passwd chat = *Enter\snew\s*\spassword:* %n\n
>>> *Retype\snew\s*\spassword:* %n\n *password\supd$
>>> unix password sync = Yes
>>> syslog = 0
>>> log file = /var/log/samba/log.%m
>>> max log size = 1000
>>> dns proxy = No
>>> panic action = /usr/share/samba/panic-action %d
>>> idmap uid = 10000-20000
>>> idmap gid = 10000-20000
>>> winbind enum users = Yes
>>> winbind enum groups = Yes
>>> winbind use default domain = Yes
>>> .
>>>
>>> further, all other shares are working fine. here is my samba global.
>>>
>>>
>>>
>>>
>>>
>>> Thanks
>>
>>
>> here is what I use in my conf
>> [ProfileShare]
>> ...
>> root preexec = /root/pdc/smbmkhomedir.sh %D %U
>> ...
>>
>>
>> < smbmkhomedir.sh>
>> #!/bin/bash
>> if [ ! -e /home/$1/$2 ]; then
>> mkdir -p /home/$1/$2
>> chown $2:"Domain Users" /home/$1/$2
>> chmod 4711 /home/$1/$2
>> setfacl --set=d:u::rwx,d:g::--x,d:o::---,d:u:$2:rwx,d:g:'domain
>> users':--x /home/$1/$2
>> fi
>> exit 0
>
>
> can you please share a bit more
>
> [global]
> ?
> [profileshare]
> ?
>
> that would be very helpful.
>
> Thank you,
>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
On my partition it mounts with "acl,user_xattr"
[global]
workgroup = MIDEARTH
netbios name = FRODO
realm = MIDEARTH.REALM
server string = %D server (samba %v)
security = ADS
map to guest = Bad User
encrypt passwords = Yes
lanman auth = No
ntlm auth = No
client NTLMv2 auth = Yes
printcap name = cups
printing = cups
disable spoolss = No
show add printer wizard = No
log file = /var/log/samba/log.%m
max log size = 512
syslog = 0
map archive = No
map system = No
map hidden = No
map readonly = No
store dos attributes = Yes
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
idmap backend = tdb
idmap uid = 10000-19999
idmap gid = 10000-19999
idmap config MIDEARTH : backend = ad
idmap config MIDEARTH : range = 20000-29999
[ProfileShare]
comment = Roaming Profile Share
path = /home/%D/%U
valid users = %U
read only = No
guest ok = No
browseable = No
root preexec = /root/pdc/smbmkhomedir.sh %D %U
create mask = 4711
directory mask = 4711
map acl inherit = Yes
profile acls = Yes
store dos attributes = Yes
map archive = No
map system = No
map hidden = No
map readonly = no
More information about the samba
mailing list