[Samba] winbind: homeDirectory being ignored
Brian Candler
b.candler at pobox.com
Tue Jun 24 06:41:35 MDT 2014
Something strange here. User created using:
root at dc1:~# samba-tool user add user7 Abcd1234 --uid-number=1007
--home-directory=/home/user7 --login-shell=/bin/bash
User 'user7' created successfully
I can see the homeDirectory attribute in the entry. But the home
directory that winbind returns is just the template one:
root at adclient:~# getent passwd user7
user7:*:1007:70001:user7:/home/ADTEST/user7:/bin/bash
Here is /etc/samba/smb.conf on the adclient machine:
--- 8< ---
[global]
#netbios name = adclient
workgroup = ADTEST
security = ADS
realm = ADTEST.INT.EXAMPLE.NET
encrypt passwords = yes
kerberos method = secrets and keytab
idmap config *:backend = tdb
idmap config *:range = 70001-80000
idmap config ADTEST:backend = ad
idmap config ADTEST:schema_mode = rfc2307
idmap config ADTEST:range = 500-40000
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
--- 8< ---
This is based on
https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server#Set_up_a_basic_smb.conf
(and notice that it includes "winbind nss info = rfc2307")
The full LDAP record is below. Both machines are ubuntu 14.04, Samba 4.1.6.
Any ideas what I'm doing wrong?
Thanks,
Brian.
------------
root at dc1:~# ldapsearch -b
CN=user7,CN=users,DC=adtest,DC=int,DC=example,DC=net
SASL/GSSAPI authentication started
SASL username: user at ADTEST.INT.EXAMPLE.NET
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <CN=user7,CN=users,DC=adtest,DC=int,DC=example,DC=net> with scope
subtree
# filter: (objectclass=*)
# requesting: ALL
#
# user7, Users, adtest.int.example.net
dn: CN=user7,CN=Users,DC=adtest,DC=int,DC=example,DC=net
cn: user7
instanceType: 4
whenCreated: 20140624123352.0Z
whenChanged: 20140624123352.0Z
uSNCreated: 4281
name: user7
objectGUID:: XX+EJB9AHk+JuLSU5PkJDA==
badPwdCount: 0
codePage: 0
countryCode: 0
homeDirectory: /home/user7
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 513
objectSid:: AQUAAAAAAAUVAAAAZ5nUF79P8gY2aC90ZAQAAA==
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: user7
sAMAccountType: 805306368
userPrincipalName: user7 at adtest.int.example.net
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=adtest,DC=int,DC=examp
le,DC=net
uidNumber: 1007
loginShell: /bin/bash
objectClass: top
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: user
pwdLastSet: 130480868320000000
userAccountControl: 512
uSNChanged: 4285
distinguishedName: CN=user7,CN=Users,DC=adtest,DC=int,DC=example,DC=net
# search result
search: 5
result: 0 Success
# numResponses: 2
# numEntries: 1
More information about the samba
mailing list