[Samba] "nis homedir" issue on samba- 3.6.9-151.el6 (CentOS 6.4 64bit)

Vincenzo De Sanctis vincenzo.desanctis at gmail.com
Wed May 1 03:47:40 MDT 2013 

maybe there is a bug regarding the use of nis to mount the user's home
directory at the login or my misconfiguration.
After the CentOS 6.4 (64bit) installation I checked for the latest samba
version on the official repository using yum: the latest version (that was
already installed) is samba- 3.6.9-151.el6.
>From "man smb.conf" I have seen that "nis homedir" is not yet deprecated, I
used it a decade ago on samba-2.2.12 with successful.
On CentOS 6.4 I don't use ldap, but only nis and the latter works without
problem, I installed also autofs (auto.home).
autofs+nis are simple and work great, I can 'su' home users on nfs without
problem.


[global]

   workgroup = DORK   ;changed for privacy
   netbios name = lince
   server string = DMIT domain server
   interfaces = eth0

;   smb ports = 445

   hosts allow = 129.123.38., 139.123.39., 179.21.23., 127. ;changed for
privacy
   hosts deny = ALL

   os level = 33
   domain master = yes
   local master = yes
   preferred master = yes
   domain logons = yes
   security = user
   guest accout = guest
   encrypt passwords = yes
   check password script = /usr/local/sbin/crackcheck -d
/usr/share/cracklib/pw_dict

   smb passwd file = /etc/samba/smbpasswd
   passdb backend = smbpasswd
   username map = /etc/samba/smbusers

   time server = Yes

   log file = /var/log/samba/pc/%m.log

   nis homedir = yes
   homedir map = auto.home

   null passwords = yes
   client lanman auth = no

   logon script = logon.bat
   logon path =
   logon drive = M:
   logon home = \\%N\%U

   wins support = no
   wins server = winsserver  ;changed for privacy

   log level = 2
   lock directory = /var/log/samba/locks/
   state directory = /var/log/samba/state/
   cache directory = /var/log/samba/cache/
   pid directory = /var/log/samba/pid/
   usershare path = /var/log/samba/usershare/
   printjob username = %M\%U
   hide dot files = No[netlogon]
   path = /etc/samba/netlogon

;   max protocol = smb2

   kernel oplocks = no
   oplocks = no
   level2 oplocks = no
   posix locking = no

   follow symlinks = yes
   wide links = yes
   unix extensions = no
   nt acl support = no

   printing = lprng
   printcap name = /usr/local/samba/lib/printcap
   load printers = yes
   print command = /usr/bin/lpr -P%p %s; rm %s
   lpq command = /usr/bin/lpq -P%p
   lprm command = /usr/bin/lprm -P%p %j
   printcap cache time = 0

### speed tuning
   socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE
   write raw = yes
   read raw = no

###  for japanese font :(
   dos charset = cp932
   display charset = cp932
   unix charset = cp932

;  profiles drammatically slow the logout so I disabled
;  [profiles]
;  comment = Network Profiles Share
;  path = /etc/samba/profiles
;  read only = No
;  store dos attribute = Yes
;  create mask = 0600
;  directory mask = 0700
;  browseable = no


[netlogon]
   path = /etc/samba/netlogon
   writeable = no
   public = yes

[root]
   comment = Root di %h
   path = /
   read only = yes
   public = no
   locking = no

[printers]
   printable = yes
   public = yes
   writable = no
   guest ok = yes

   #create mode = 0700

[homes]
   comment = Users Home Directories
   read only = No
   create mask = 0644
   directory mask = 0711
   browseable = No
   valid users = %S
;  %S = the name of the current service, if any. service = map name,
;  so map name A-USER can only be connected by A-USER, %S = %u
;
;  By default, \\server\username shares can be connected to by anyone
;  with access to the samba server. This parameter make sure that only
;  username can connect to \\server\username

[project]
   comment = Group project directories
   path = /usr/local/samba/lib/prj  ;this path contains several links to nfs
   read only = no
   writable = yes
   create mode = 0775
   force create mode = 0775
   directory mode = 02775
   force directory mode = 02775
   public = no
   oplocks = no
,,,,,,,,,,,, continues but not important!



As you can see in the smb.conf  I added 'nis homedir = yes' and 'homedir
map = auto.home'
Samba- 3.6.9-151.el6 is included in CentOS 6.4 so to check if has been
compiled with configure --with-automount I used the command 'smbd -b|grep
-i automount':

  [root at dork]#smbd -b| grep -i automount
        WITH_AUTOMOUNT
        WITH_AUTOMOUNT

this is a piece of my /etc/auto.home:

pippo          server1:/dati3/export/home/&
pluto         server2:/iscsi/home/&
#paperino                 server1:/dati2/export/home/&
mickeymouse            server2:/iscsi/home/&
spiderman         server1:/dati2/export/home/&
,,,,,,,,,,, continues but not important!

Now after samba configuration I'm able to join the 'DORK' domain from win7
and at login the latter mounts all resources declared through logon.bat
without problem except the user's home directory because 'nis homedir'
fails.

I think, M: is not mounted on win7 because the variable %N is black
(strange!), I can say that because I also added %N to the file log name
'log file = /var/log/samba/test/%N_%p.log (but even %p is blank!), from man
smb.conf The NIS auto.map entry is split up as %N:%p, and if
--with-automount is not added during the compile %N become %L.....but in my
case %N is black not %L...


   logon drive = M:
   logon home = \\%N\%U


After, I did other tests: I started winbind services but I think nis no
needs it

You can see the log regarding the connection between the samba server and a
win7 pc named 'ORDONA', login username 'guest', all on
http://www.wepaste.com/vincenzo/


Where 'nis homedir' fails? Or is there a known bug?



-- 
Vincenzo De Sanctis

More information about the samba mailing list