[Samba] Override Linux homedir given by AD
steve
steve at steve-ss.com
Thu Oct 31 04:43:03 MDT 2013
On Thu, 2013-10-31 at 10:28 +0000, Simon wrote:
>
> On 2013-10-31 10:03, steve wrote:
>
> > On Wed, 2013-10-30 at 22:27 +0000, Simon wrote:
> >
> >> The Linux uid is pulled from the uidNumber in Active Directory
> >
> > Hi
> > That's a bad idea and may explain why the homedir is not working. It's
> > best to leave uidNumber as it is and pull uid as samAccountName.
> >
> > e.g. you would expect a home directory to be something like:
> > /home/domain/simon
> > rather than:
> > /home/domain/30012673
> >
> > Cheers,
> > Steve
>
> Thanks but I'm not sure I follow,
>
> At the moment when I log on with an AD account that has not logged in
> before the users home is created in /User and then if I run the command
> 'id' the uid matches the attribute called uidNumber in AD.
>
> Is this not good?
In LDAP and AD, we should be careful with what we map to what. uid is a
name that corresponds to a uidNumber:
Here I am in AD:
id steve2
uid=3000021(steve2) gid=20513(Domain Users) groups=20513(Domain Users)
my uid is pulled from AD by samAccountName (steve2)
my uidNumber is pulled from AD as uidNumber (3000021)
So that users can easily identify themselves as a name rather than a
number we usually map passwd uid to samAccountName and do nothing with
uidNumber.
You are mapping uid to uidNumber, which I don't think is what you want.
Cheers,
Steve
More information about the samba
mailing list