[Samba] Logon scripts, home directories, and Samba4 AD
Daniel Müller
mueller at tropenklinik.de
Wed Jul 3 07:33:13 MDT 2013
So you authenticate against the samba4 ads with your samba3 is this true?
Then you can do a root preexec and run a script on your samba3 server every
time
the users connect to [homes].
Ex:
[homes]
root preexec = /path-to-script/./user-home-dir %U
Your script user-home-dir (where $1 is the login of the user):
#!/bin/bash
#if exist directory
if test -d /path-to/your-users-home-dirs/$1
then
#put Directory is already there in a log file
echo "$1 Directory already up and running" >>/system/log/eanm.log
else
mkdir /path-to/your-users-home-dirs/$1
chmod -R 700 /path-to/your-users-home-dirs/$1
chown -R $1:"Domain Users" / path-to/your-users-home-dirs/$1
echo "/path-to/your-users-home-dirs/$1 created" >>/system/log/anm.log
fi
Greetings
Daniel
-----------------------------------------------
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Lee Allen
Gesendet: Mittwoch, 3. Juli 2013 14:56
An: Gémes Géza
Cc: samba at lists.samba.org
Betreff: Re: [Samba] Logon scripts, home directories, and Samba4 AD
Thank you, that works great, and it eliminates the need to create logon
scripts for each user. That's a big improvement.
ADUC complains it cannot create the folder. Not surprising, because the
specified folder \\samba3\username does not really exist -- it's a [homes]
share, the true pathname is \\samba3\nas\homes\username.
So I still need to create the directory in the samba3 system, and set
permissions appropriately.
Is there a way around this? The only solution I can see is to write a
script that will create the necessary directories when a user is created.
But that wouldn't be simple, because it's on a different server -- the user
is created on the samba4 ADC and the shares are on the samba3 fileserver.
On Wed, Jul 3, 2013 at 3:22 AM, Gémes Géza <geza at kzsdabas.hu> wrote:
> Hi,
>
>> This could do the job
>> Identify the home share on your samba3 fileserver (certain it is
>> member of your samba4 domain?!) as dfs root
>>
>> Ex:
>> msdfs root= yes
>>
>> On samba4 ads
>> [home]
>> msdfs proxy= \your-samba3-server\homes
>> read only = No
>>
>> with rsat point to \your-samba3-server\homes
>>
>> Good luck
>> ------------------------------**-----------------
>> EDV Daniel Müller
>>
>> Leitung EDV
>> Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24
>> 72076 Tübingen
>>
>> Tel.: 07071/206-463, Fax: 07071/206-499
>> eMail: mueller at tropenklinik.de
>> Internet: www.tropenklinik.de
>> ------------------------------**-----------------
>>
> Even easier specify \\your-samba3-server\%**USERNAME% as the home
> folder setting under ADUC for all the users you want (you can even
> select them set this once) if you also specify home drive H: it will
> get mounted at that drive letter
>
>> -----Ursprüngliche Nachricht-----
>> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.**
>> samba.org <samba-bounces at lists.samba.org>] Im Auftrag von Lee Allen
>> Gesendet: Mittwoch, 3. Juli 2013 00:20
>> An: samba at lists.samba.org;
>> samba-technical at lists.samba.**org<samba-technical at lists.samba.org>
>> Betreff: [Samba] Logon scripts, home directories, and Samba4 AD
>>
>> I apologize if this appears twice: I posted it several hours ago and
>> it has not appeared on the list, so I am tweaking the email address
>> and trying again.
>>
>> I have two separate (virtual) servers: one running Samba4 functioning
>> as an AD controller, and one running Samba 3.6.1 functioning as a
>> file & print server.
>>
>> On the Samba3 side I am using security=ads and winbind and
>> authenticating against the Samba4 ADC. Everything is working great.
>>
>> Where things get a little messy is with the [homes] shares.
>>
>> Here is what I am doing now:
>>
>> My Samba3 smb.conf has a typical [homes] section. I create a
>> subdirectory for each user, and set ownership & permissions.
>>
>> I create a logon script on the Samba4 system -- one for each user,
>> because the username is embedded in it:
>> net use H: \\samba3\username
>>
>> And then I use RSAT to set the logon script to the correct value for
>> each user.
>>
>> It's just a lot of steps that need to be performed (perfectly) for
>> each user. Is there a better way?
>>
>> I see RSAT allows me to specify a "Home folder". Could this be a
>> folder on the Samba3 server -- ie, \\samba3\username ? (I tried that
>> and it did not
>> work)
>>
>> I can imagine some scripts that would create the logon script on the
>> Samba4
>> system, and create the necessary directories on the Samba3 system. I
>> could probably manage that, but I hate to re-invent the wheel --
>>
>> If there is a clean, orthodox way to do this, I would like to know
>> what it is.
>>
>> Thank you.
>>
>> Lee Allen
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:
>> https://lists.samba.org/**mailman/options/samba<https://lists.samba.o
>> rg/mailman/options/samba>
>>
>> Regards
>
> Geza Gemes
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:
> https://lists.samba.org/**mailman/options/samba<https://lists.samba.or
> g/mailman/options/samba>
>
--
*Lee Allen*
email: lee at leecallen.com
bus: (716) 773-2729
home: (716) 773-2326
cell: (716) 880-0854
fax: (716) 408-8844
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list