[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?
steve at steve-ss.com
Sun Aug 11 03:41:59 MDT 2013
On 10/08/13 22:23, Markus Gillmeister wrote:
> I'm would like to use the attributes in AD for home directory
> (homeDirectory) and the login shell (loginShell) for users logging in via
> ssh to a linux box.
> I added the following parameters in the global-Section of
> winbind nss info = rfc2307
> idmap_ldb:use rfc2307 = yes
> Also I set the attributes for a test-user (called tim) with some values.
> But when calling "getent passwd" I got the following result:
> SHADOW\tim:*:3000017:100:Tim Testinger:/home/SHADOW/tim:/bin/false
> So it seems that winbind is ignoring AD attributes. Is this a bug or did I
> misconfigure my samba installation?
> Best Regards
On the DC, winbind will only read uidNumber and gidNumber. To be able to
use the whole of rfc2307, use sssd or nss-ldapd.
If you want to use winbind, you will have to install Samba4 on a
separate machine, domainify it and run it as a file server only. I
suppose you could then ssh into that instead.
More information about the samba