[Samba] Samba 4.1.0pre1 and problem from creating home users dir from command line

Adam Sienkiewicz adamsienkiewicz78 at gmail.com
Sat Jan 5 02:04:43 MST 2013


Thanks for reply!
Could you explain how I should assign right permisions for created
dir. I know chown/chmod but I don't have knowledne how to do that via
ACL. In google I also didn't find useful documentation how to set AD
permissions for home users directory on samba4 AD server.

2013/1/5, Andrew Bartlett <abartlet at samba.org>:
> On Fri, 2013-01-04 at 09:41 +0100, Adam Sienkiewicz wrote:
>> Hi all;
>>
>> I successfully run samba 4 as DC. Joining win7 into it working, mobile
>> profiles also. I used this tutorial:
>> https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
>>  Because in my domain I will use few hundred acccounts I want to automate
>> account creating in my domain.
>> I would like to do that via bash script from linux side.
>> I tried to create account via command:
>>
>> ./samba-tool user create demo8
>> p at ssw0rd--profile-path=\\deb7smb4ad.szyb.local\profiles\demo8
>> --home-drive=H:
>> --home-directory=\\deb7smb4ad.szyb.local\home2\demo8
>>
>> account were created, in dsa.msc snap-in I can see this account with
>> settings like profile path and home dir but there is a problem - this way
>> of creating account doesn't create home dir for user.
>> To do that I have to go into user demo8 properties, choose tab profile
>> and
>> for a while change opition for home folder - local path and back to map
>> as
>> h:
>> After that home folder in shared home2 dir is created and user
>> has automatically maped his home folder as h: drive.
>>
>> My question is - is any other way to automatically home dir creation
>> during
>> account create without dsa.msc usage - for scripting it will be greate if
>> I
>> can force samba-tool to create this directory.
>>
>> Here is my smb.conf:
>>
>> root at deb7smb4ad:~# cat /usr/local/samba/etc/smb.conf
>> # Global parameters
>> [global]
>> workgroup = SZYB
>> realm = SZYB.LOCAL
>> netbios name = DEB7SMB4AD
>> server role = active directory domain controller
>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
>> winbind,
>> ntp_signd, kcc, dnsupdate
>>
>> [netlogon]
>> path = /usr/local/samba/var/locks/sysvol/szyb.local/scripts
>> read only = No
>>
>> [sysvol]
>> path = /usr/local/samba/var/locks/sysvol
>> read only = No
>> [home2]
>> path=/home/samba
>> comment=home dirs
>> read only = No
>> ;directory_mode: parameter = 0700
>> [printers]
>>     comment = All Printers
>>     path = /usr/local/samba/var/spool
>>     browseable = Yes
>>     read only = No
>>     printable = Yes
>> [print$]
>>     comment = Point and Print Printer Drivers
>>     path = /usr/local/samba/var/print
>>     read only = No
>> [profiles]
>>       path = /usr/local/samba/var/profiles
>>       read only = no
>>
>> my fstab looks like:
>>
>> /dev/mapper/deb7smb4ad-root /               ext4
>>  user_xattr,acl,barrier=1,errors=remount-ro 0       1
>> # /boot was on /dev/sda1 during installation
>> UUID=f197b0c8-11d5-474e-bedf-4889542d3ee4 /boot           ext2
>> defaults
>>        0       2
>> /dev/mapper/deb7smb4ad-home /home           ext4
>>  user_xattr,acl,barrier=1        0       2
>> /dev/mapper/deb7smb4ad-swap_1 none            swap    sw              0
>>   0
>> /dev/sr0        /media/cdrom0   udf,iso9660 user,noauto     0       0
>> /dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0
>>
>> Can I use for this mkdir command and next samba-tool ntacl subcommand ?
>
> Yes, the samba-tool command only modifies the AD directory, not the
> filesystem.  You certainly could combine it with local mkdir and chown
> commands.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
>
>
>


More information about the samba mailing list