[Samba] Override Linux homedir given by AD

Daniel Müller mueller at tropenklinik.de
Thu Oct 31 04:02:16 MDT 2013


logon script= %a.bat

where %a is substituted with the clients OS.
Google for "samba %a"

EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Simon
Gesendet: Donnerstag, 31. Oktober 2013 10:40
An: samba at lists.samba.org
Betreff: Re: [Samba] Override Linux homedir given by AD


On 2013-10-30 23:39, trentbuck at gmail.com wrote: 

> Simon <simon at calmblue.net> writes:
>> I have successfully joined a Debian 7 box to a 2008 R2 Windows Domain
using Samba and Winbind. The Linux uid is pulled from the uidNumber in
Active Directory as is the shell and home dir. PAM is also configured to
create a user's homedir on login. The trouble is that in AD the homedir is
set to '/User' and I don't want that to be the case on the Debian boxes - I
would like to set it as /home/domain/user. Can I override the homedir
setting on a per-client basis using the smb.conf?
> AIUI from other ML correspondents, there are two winbinds 
> implementations -- one for samba3 and one for samba4 -- and the latter 
> doesn't let you change $HOME at all, as at 4.0.x.
> You probably want to look at sssd instead of winbind.
> I'm using a samba 4.0.9 AD DC and nss_winbind, and I got 
> /home/DOMAIN/alice instead of /home/alice, so I just cheated by 
> running "ln -s . /home/DOMAIN". I don't think that would work for you.

Thanks, I'm using Samba version 3.6.6, 

Leaving sssd aside for a moment (because winbind seems to be working) are
you saying that with 3.6.6 I _should_ be able to override the 'Home
Directory' pulled from the AD? 

My current config: 

#=== Global Settings ===

 netbios name = "$hostname"
 server string = Samba Server %v on (%L)

#=== Logging Options ===

 log level = 3
 # logs split per machine
 log file = /var/log/samba/%m.log
 # max 50KB per log file, then rotate
 max log size = 50

#=== Domain Members Options ===

 security = ads
 workgroup = DOMAIN
 password server = dc.domain.example.com  client ntlmv2 auth = yes  restrict
anonymous = 2

 idmap config * : range = 500-999
 idmap config "$domainMs" : backend = ad  idmap config "$domainMs" :
schema_mode = rfc2307  idmap config "$domainMs" : readonly = yes  idmap
config "$domainMs" : range = 1000-4294967295  idmap negative cache time = 20

 winbind cache time = 600
 winbind nss info = rfc2307
 winbind enum users = yes
 winbind enum groups = yes
 winbind expand groups = 2
 winbind use default domain = yes
 winbind offline logon = true

#=== Browser Control Options ===

 local master = no
 preferred master = no
 os level = 0" >> /etc/samba/smb.conf
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list