[Samba] Logon scripts, home directories, and Samba4 AD

Lee Allen lee at leecallen.com
Wed Jul 3 08:07:06 MDT 2013 

Daniel that's perfect - -  the 'root preexec'  is exactly what I need.
Thank you.
On Jul 3, 2013 9:33 AM, "Daniel Müller" <mueller at tropenklinik.de> wrote:

> So you authenticate against the samba4 ads with your samba3 is this true?
> Then you can do a root preexec and run a script on your samba3 server every
> time
> the users connect to [homes].
> Ex:
>
> [homes]
> root preexec = /path-to-script/./user-home-dir %U
>
>
> Your script user-home-dir (where $1 is the login of the user):
>
> #!/bin/bash
> #if exist directory
> if test -d /path-to/your-users-home-dirs/$1
> then
> #put Directory is already there in a log file
> echo "$1 Directory already up and running" >>/system/log/eanm.log
> else
>
> mkdir  /path-to/your-users-home-dirs/$1
> chmod -R 700  /path-to/your-users-home-dirs/$1
> chown -R $1:"Domain Users" / path-to/your-users-home-dirs/$1
> echo "/path-to/your-users-home-dirs/$1 created" >>/system/log/anm.log
> fi
>
>
> Greetings
> Daniel
> -----------------------------------------------
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
>
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----------------------------------------------
>
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
> Im
> Auftrag von Lee Allen
> Gesendet: Mittwoch, 3. Juli 2013 14:56
> An: Gémes Géza
> Cc: samba at lists.samba.org
> Betreff: Re: [Samba] Logon scripts, home directories, and Samba4 AD
>
> Thank you, that works great, and it eliminates the need to create logon
> scripts for each user.  That's a big improvement.
>
> ADUC complains it cannot create the folder.  Not surprising, because the
> specified folder \\samba3\username does not really exist -- it's a [homes]
> share, the true pathname is \\samba3\nas\homes\username.
>
> So I still need to create the directory in the samba3 system, and set
> permissions appropriately.
>
> Is there a way around this?  The only solution I can see is to write a
> script that will create the necessary directories when a user is created.
>  But that wouldn't be simple, because it's on a different server -- the
> user
> is created on the samba4 ADC and the shares are on the samba3 fileserver.
>
>
> On Wed, Jul 3, 2013 at 3:22 AM, Gémes Géza <geza at kzsdabas.hu> wrote:
>
> > Hi,
> >
> >> This could do the job
> >> Identify the home share on your samba3 fileserver (certain it is
> >> member of your samba4 domain?!) as dfs root
> >>
> >> Ex:
> >> msdfs root= yes
> >>
> >> On samba4 ads
> >> [home]
> >>          msdfs proxy= \your-samba3-server\homes
> >>          read only = No
> >>
> >> with rsat point to \your-samba3-server\homes
> >>
> >> Good luck
> >> ------------------------------**-----------------
> >> EDV Daniel Müller
> >>
> >> Leitung EDV
> >> Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24
> >> 72076 Tübingen
> >>
> >> Tel.: 07071/206-463, Fax: 07071/206-499
> >> eMail: mueller at tropenklinik.de
> >> Internet: www.tropenklinik.de
> >> ------------------------------**-----------------
> >>
> > Even easier specify \\your-samba3-server\%**USERNAME% as the home
> > folder setting under ADUC for all the users you want (you can even
> > select them set this once) if you also specify home drive H: it will
> > get mounted at that drive letter
> >
> >> -----Ursprüngliche Nachricht-----
> >> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.**
> >> samba.org <samba-bounces at lists.samba.org>] Im Auftrag von Lee Allen
> >> Gesendet: Mittwoch, 3. Juli 2013 00:20
> >> An: samba at lists.samba.org;
> >> samba-technical at lists.samba.**org<samba-technical at lists.samba.org>
> >> Betreff: [Samba] Logon scripts, home directories, and Samba4 AD
> >>
> >> I apologize if this appears twice: I posted it several hours ago and
> >> it has not appeared on the list, so I am tweaking the email address
> >> and trying again.
> >>
> >> I have two separate (virtual) servers: one running Samba4 functioning
> >> as an AD controller, and one running Samba 3.6.1  functioning as a
> >> file & print server.
> >>
> >> On the Samba3 side I am using security=ads and winbind and
> >> authenticating against the Samba4 ADC.  Everything is working great.
> >>
> >> Where things get a little messy is with the [homes] shares.
> >>
> >> Here is what I am doing now:
> >>
> >> My Samba3 smb.conf has a typical [homes] section.  I create a
> >> subdirectory for each user, and set ownership & permissions.
> >>
> >> I create a logon script on the Samba4 system -- one for each user,
> >> because the username is embedded in it:
> >> net use H: \\samba3\username
> >>
> >> And then I use RSAT to set the logon script to the correct value for
> >> each user.
> >>
> >> It's just a lot of steps that need to be performed (perfectly) for
> >> each user.  Is there a better way?
> >>
> >> I see RSAT allows me to specify a "Home folder".  Could this be a
> >> folder on the Samba3 server -- ie, \\samba3\username ? (I tried that
> >> and it did not
> >> work)
> >>
> >> I can imagine some scripts that would create the logon script on the
> >> Samba4
> >> system, and create the necessary directories on the Samba3 system.  I
> >> could probably manage that, but I hate to re-invent the wheel --
> >>
> >> If there is a clean, orthodox way to do this, I would like to know
> >> what it is.
> >>
> >> Thank you.
> >>
> >> Lee Allen
> >> --
> >> To unsubscribe from this list go to the following URL and read the
> >> instructions:
> >> https://lists.samba.org/**mailman/options/samba<https://lists.samba.o
> >> rg/mailman/options/samba>
> >>
> >>  Regards
> >
> > Geza Gemes
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:
> > https://lists.samba.org/**mailman/options/samba<https://lists.samba.or
> > g/mailman/options/samba>
> >
>
>
>
> --
> *Lee Allen*
> email: lee at leecallen.com
> bus: (716) 773-2729
> home: (716) 773-2326
> cell: (716) 880-0854
> fax: (716) 408-8844
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list