[Samba] Samba4 Using AD/UNIX attributes for home directory and shell not possible?
steve
steve at steve-ss.com
Sun Aug 11 03:41:59 MDT 2013
On 10/08/13 22:23, Markus Gillmeister wrote:
> Hi,
>
> I'm would like to use the attributes in AD for home directory
> (homeDirectory) and the login shell (loginShell) for users logging in via
> ssh to a linux box.
>
> I added the following parameters in the global-Section of
> /etc/samba/smb.conf:
> winbind nss info = rfc2307
> idmap_ldb:use rfc2307 = yes
>
> Also I set the attributes for a test-user (called tim) with some values.
>
> But when calling "getent passwd" I got the following result:
> ...
> SHADOW\tim:*:3000017:100:Tim Testinger:/home/SHADOW/tim:/bin/false
>
> So it seems that winbind is ignoring AD attributes. Is this a bug or did I
> misconfigure my samba installation?
>
> Best Regards
> Markus
>
Hi
On the DC, winbind will only read uidNumber and gidNumber. To be able to
use the whole of rfc2307, use sssd or nss-ldapd.
If you want to use winbind, you will have to install Samba4 on a
separate machine, domainify it and run it as a file server only. I
suppose you could then ssh into that instead.
HTH
Steve
More information about the samba
mailing list