[Samba] Can't get 'root preexec' to run

Ole Traupe ole.traupe at tu-berlin.de
Thu Oct 22 13:02:05 UTC 2015 

The next interesting question for me is:

If I put '\\server\%username%' into ADUC Windows part (or 
\\server\username explicitly, for that matter), Samba on 'Ok/Apply' 
registers the attempt to access a non-existing share and applies the 
[homes] section (executes 'root preexec'). I tested that. However, the 
user doing this is the domain admin. So Samba would look that user up 
and create a new share named like the *domain admin* user - and link it 
to the local home of the domain admin user (if not specified otherwise). 
That is not what we want.

If I put '/home/user' into the ADUC Unix Attributes, and the user then 
logs on to a domain member server, nothing will happen. Because the 
share 'home' ([home] without s) already exists. Because it already has 
to be mounted on the member server. Otherwise, the the user logging on 
wouldn't be able to access it. And even if it did not exist: the user 
always accesses locally mounted stuff, so never actually access the 
Samba file server hosting the (intended) home shares

So how do you actually use this option?

The only solution I could come up with is a logon script mounting the 
user's home on demand (on logon). But that would fail, because the user 
has no root permissions. Right? Or am I missing something?



Am 22.10.2015 um 14:28 schrieb Rowland Penny:
> On 22/10/15 13:07, mourik jan heupink wrote:
>>
>>
>> On 10/22/2015 11:37 AM, Rowland Penny wrote:
>>>> However, I wouldn't want to use \\server\%username% as home dir
>>>> location, was well.
>>>>
>>>>
>>>
>>> I wouldn't either, mostly because it wouldn't work.
>>>
>>> Rowland
>
> Perhaps I should have been a bit more explicit, having a 
> 'unixHomeDirectory' attribute containing '\\server\%username%' will 
> not work, it is expected to contain something like '/home/rowland' 
> i.e. the path to the home directory belonging to Rowland. Unix would 
> not identify backslashes, it expects forward slashes , it wouldn't be 
> able to understand '%username%' either
>
> Rowland
>
>>
>> Well it has been working here for *many* years, pretty much already 
>> since samba 2.2.8 days. The only problem is that nowadays (when using 
>> AD/aduc) ADUC insists to create the folder for us, and that doesn't 
>> work with \\server\%username%
>>
>> (and yes, I know about the other ways to create users, it's just that 
>> the persons creating our users like the regular windows tools to do 
>> their job)
>>
>> MJ
>>
>
>

More information about the samba mailing list