[Samba] Manage unix users from AD

mourik jan heupink heupink at merit.unu.edu
Tue Jan 28 09:23:16 MST 2014


Hi all,

>>> Consider a network with about 200+ employees, most of them Windows users.
>>> It happens that one needs to provide other non-Windows services like e-mail,
>>> proxy and many others to them, running on other Linux servers.
We are running a network exactly like that.  In the samba3 days (one 
PDC, openldap backend) we did not need winbind, never used it, no 
complaints.

I am now testing samba4, and need (like we did in samba3/openldap) my 
users to be linux and windows. We have one realm/domain, all users have 
posix attributes.

I was planning to have two (DC only) DCs, both virtualised, and two 
fileservers. It seems now (having read all discussion recently on 
sssd/winbind) in samba4 we DO need winbind?

>> A related but tangential question is whether there is a way to provision
>> these services when a new user is created from the Windows
>> administration tool, i.e., whether there is a way for samba to run a script
>> when a new user is created (or modified) from Windows.
>> If there isn't, would it be possible to add it as a new feature?

[homes]
         root preexec = /usr/local/sbin/mkhomedir.sh %U
         comment = Home directory for %S
         read only = No
         browseable = No

Each time a user logs on, this script is executed. First the script 
checks if it needs to run, and if yes, it does all sorts of things:

- create home directory
- fill it with default requirements
- set correct permissions
- set quota
- create a DFS base for that particular user
- create a network recycle bin (with vfs module recycle)
- etc, etc

MJ
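
Added example, not part of the original message and not MJ's script: a sketch of the first steps such a `root preexec` helper might take (run check, home directory, default files, permissions), treating the `%U` argument as untrusted because the script runs as root. `HOME_BASE`, `SKEL_DIR`, the function names and the return codes are assumptions; quota, DFS and recycle-bin setup are site-specific and omitted.

```shell
#!/bin/sh
# Added example: hypothetical helper for "root preexec = ... %U".
# HOME_BASE and SKEL_DIR are assumed locations; override them to test.
HOME_BASE="${HOME_BASE:-/home}"
SKEL_DIR="${SKEL_DIR:-/etc/skel}"
LC_ALL=C; export LC_ALL   # keep the A-Z ranges below ASCII-only

# Accept only names that are safe as a single path component.
valid_user() {
    case "$1" in
        ""|.*|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

make_home() {
    user="$1"
    if ! valid_user "$user"; then
        echo "mkhomedir: rejected user name" >&2; return 2
    fi
    home="$HOME_BASE/$user"
    # A symlink here could redirect root's writes; HOME_BASE itself
    # must be writable by root only for this check to be meaningful.
    if [ -L "$home" ]; then
        echo "mkhomedir: $home is a symlink" >&2; return 3
    fi
    # "Check if it needs to run": an existing directory means done.
    if [ -d "$home" ]; then return 0; fi
    # As root, provision only accounts the system can resolve.
    if [ "$(id -u)" -eq 0 ] && ! id "$user" >/dev/null 2>&1; then
        echo "mkhomedir: unknown account" >&2; return 4
    fi
    umask 077
    mkdir "$home" || return 5
    if [ -d "$SKEL_DIR" ]; then
        cp -R "$SKEL_DIR/." "$home/" || return 5
    fi
    chmod 700 "$home"
    if [ "$(id -u)" -eq 0 ]; then
        chown -R "$user" "$home" || return 5
    fi
    return 0
}

# Samba passes the substituted %U as the first argument.
if [ "$#" -gt 0 ]; then make_home "$1"; fi
```

Names carrying a domain prefix or separator are rejected by this filter, so a setup where `%U` expands to such a form would need the pattern adjusted deliberately rather than loosened.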

