[Samba] Automaticaly create User-Home directories for NFS

Daniel Thielking Daniel.Thielking at ias.rwth-aachen.de
Wed May 28 06:26:12 MDT 2014


Thank you for your replying.

All our Clients are CentOS 6.5 with Gnome and KDE.
What I have done is that I use the authconfig-tui tool to add the client 
to the AD.
In the files under /etc/pam.d/ who called system-auth, system-auth-ac, 
password-auth, password-auth-ac there is this module 'pam_mkhomedir.so' 
already added,
but if I login with a user and the modules shall create a new directory 
they don't use the umask and skeldir what I have selected. Any 
explanation about it.

But this solution is just a little insecure because the client tries to 
create the homedir with the local root user and this is not alowed with 
NFS because of root_squash I can give rw rights to the group others but 
I don't prefer that. Sorry.

_____________________________________________________

Auszubildender Fachinformatiker für Systemintegration
RWTH Aachen
Lehrstuhl für Integrierte Analogschaltungen
Raum 24C 313
Walter-Schottky-Haus
Sommerfeldstr. 24
D-52074 Aachen

www.ias.rwth-aachen.de

Email: Daniel.Thielking at ias.rwth-aachen.de
Phone: +49-(0)241-80-27771
   FAX: +49-(0)241-80-627771
_____________________________________________________

Am 28.05.2014 14:01, schrieb Sven Schwedas:
> On 2014-05-28 13:52, Daniel Thielking wrote:
>> Yes I see the user on all my Linux clients.
>> In which smb.conf should I add the two lines? Clients or Server?
>> Maybe I'm stupid but where shall I add the pam_mkhomedir.so ..., what do
>> you mean with 'pam common-session'?
> pam_mkhomedir creates a user's homedir on the first login, which you'll
> need to register with PAM to be used.
>
> For Debian and derivatives you can put http://pastebin.com/Ag6wd4Z5 into
> /usr/share/pam-configs and activate it with pam-auth-update. Redhat
> based distributions probably have a similar mechanism.
>
> In the end, your PAM configuration needs to have the line
>> session	required	pam_mkhomedir.so skel=/etc/skel/ umask=0022
> active for whatever service(s) you need to authenticate your users.
>
>
>> _____________________________________________________
>>
>> Auszubildender Fachinformatiker für Systemintegration
>> RWTH Aachen
>> Lehrstuhl für Integrierte Analogschaltungen
>> Raum 24C 313
>> Walter-Schottky-Haus
>> Sommerfeldstr. 24
>> D-52074 Aachen
>>
>> www.ias.rwth-aachen.de
>>
>> Email: Daniel.Thielking at ias.rwth-aachen.de
>> Phone: +49-(0)241-80-27771
>>    FAX: +49-(0)241-80-627771
>> _____________________________________________________
>>
>> Am 28.05.2014 13:44, schrieb Daniel Müller:
>>> Winbind is running you see the ads users on your linux box?
>>> First I think you need in your smb.conf:
>>> template shell = /bin/bash
>>> template homedir=/xxx/yyy/%U
>>>
>>> in your pam common-session something like that:
>>>
>>> session required pam_mkhomedir.so skel=/etc/skel umask=0022
>>>
>>> I think this could be the direction.
>>>
>>> Good Luck
>>> Daniel
>>>
>>> EDV Daniel Müller
>>>
>>> Leitung EDV
>>> Tropenklinik Paul-Lechler-Krankenhaus
>>> Paul-Lechler-Str. 24
>>> 72076 Tübingen
>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>> eMail: mueller at tropenklinik.de
>>> Internet: www.tropenklinik.de
>>>
>>>
>>>
>>>
>>>
>>>
>>> -----Ursprüngliche Nachricht-----
>>> Von: samba-bounces at lists.samba.org
>>> [mailto:samba-bounces at lists.samba.org] Im
>>> Auftrag von Daniel Thielking
>>> Gesendet: Mittwoch, 28. Mai 2014 13:24
>>> An: samba at lists.samba.org
>>> Betreff: Re: [Samba] Automaticaly create User-Home directories for NFS
>>>
>>> Yes I use the rsat but,
>>>
>>> I don't want a windows home share.
>>>
>>> I need a share what is conform with normal Unix file rights because of
>>> NFS.
>>> If I would use the 'rsat tool' than i have special ACL on my
>>> filesystem and
>>> NFS is not working with this.
>>>
>>> What I think what I need is an automation that, if I create an new
>>> User with
>>> rsat and add him to a nisdomain than the homedir would create
>>> automatically.
>>> Like the behavior of smbldap-useradd with the parameter -m.
>>>
>>>
>>> _____________________________________________________
>>>
>>> Auszubildender Fachinformatiker für Systemintegration RWTH Aachen
>>> Lehrstuhl
>>> für Integrierte Analogschaltungen Raum 24C 313 Walter-Schottky-Haus
>>> Sommerfeldstr. 24
>>> D-52074 Aachen
>>>
>>> www.ias.rwth-aachen.de
>>>
>>> Email: Daniel.Thielking at ias.rwth-aachen.de
>>> Phone: +49-(0)241-80-27771
>>>      FAX: +49-(0)241-80-627771
>>> _____________________________________________________
>>>
>>> Am 28.05.2014 12:58, schrieb Daniel Müller:
>>>> Do you use rsat from windows to create the users?
>>>> Smb.conf:
>>>> [home]
>>>> path=/your/home/path
>>>> read only= no
>>>>
>>>> In rsat create the new user/password then klick on properties choose
>>>> profile, choose connect with, fill in \\youradc\home\%username%
>>>>
>>>>
>>>> EDV Daniel Müller
>>>>
>>>> Leitung EDV
>>>> Tropenklinik Paul-Lechler-Krankenhaus
>>>> Paul-Lechler-Str. 24
>>>> 72076 Tübingen
>>>> Tel.: 07071/206-463, Fax: 07071/206-499
>>>> eMail: mueller at tropenklinik.de
>>>> Internet: www.tropenklinik.de
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> -----Ursprüngliche Nachricht-----
>>>> Von: samba-bounces at lists.samba.org
>>>> [mailto:samba-bounces at lists.samba.org] Im Auftrag von Daniel Thielking
>>>> Gesendet: Mittwoch, 28. Mai 2014 12:23
>>>> An: samba at lists.samba.org
>>>> Betreff: [Samba] Automaticaly create User-Home directories for NFS
>>>>
>>>> Hello, I have a problem with my Samba4 AD-Controller and NFS. We want
>>>> to distribute a NFS-Share for our home directory. The problem is that
>>>> the client is trying to create it on the fly for the first user login
>>>> but you get 'Permission denied' because of the root_spuash option of the
>>> NFS-Server.
>>>> My question: Is there any posibillity that the normal home directory
>>>> is created after adding a new user to the ActiveDirectory?
>>>>
>>>> -- 
>>>> _____________________________________________________
>>>>
>>>> Auszubildender Fachinformatiker für Systemintegration RWTH Aachen
>>>> Lehrstuhl für Integrierte Analogschaltungen Raum 24C 313
>>>> Walter-Schottky-Haus Sommerfeldstr. 24
>>>> D-52074 Aachen
>>>>
>>>> www.ias.rwth-aachen.de
>>>>
>>>> Email: Daniel.Thielking at ias.rwth-aachen.de
>>>> Phone: +49-(0)241-80-27771
>>>>       FAX: +49-(0)241-80-627771
>>>> _____________________________________________________
>>>>
>>>> -- 
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>
>>> -- 
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>
>



More information about the samba mailing list