[Samba] Override Linux homedir given by AD

steve steve at steve-ss.com
Thu Oct 31 04:43:03 MDT 2013

On Thu, 2013-10-31 at 10:28 +0000, Simon wrote:
> On 2013-10-31 10:03, steve wrote: 
> > On Wed, 2013-10-30 at 22:27 +0000, Simon wrote:
> > 
> >> The Linux uid is pulled from the uidNumber in Active Directory
> > 
> > Hi
> > That's a bad idea and may explain why the homedir is not working. It's
> > best to leave uidNumber as it is and pull uid as samAccountName.
> > 
> > e.g. you would expect a home directory to be something like:
> > /home/domain/simon
> > rather than:
> > /home/domain/30012673
> > 
> > Cheers,
> > Steve
> Thanks but I'm not sure I follow, 
> At the moment when I log on with an AD account that has not logged in
> before the users home is created in /User and then if I run the command
> 'id' the uid matches the attribute called uidNumber in AD. 
> Is this not good? 

In LDAP and AD, we should be careful with what we map to what. uid is a
name that corresponds to a uidNumber:
Here I am in AD:
id steve2
uid=3000021(steve2) gid=20513(Domain Users) groups=20513(Domain Users)

my uid is pulled from AD by samAccountName (steve2)
my uidNumber is pulled from AD as uidNumber (3000021)

So that users can easily identify themselves as a name rather than a
number we usually map passwd uid to samAccountName and do nothing with

You are mapping uid to uidNumber, which I don't think is what you want.

More information about the samba mailing list