[Samba] unixHomeDirectory, loginShell, etc. on Samba4 AD DC
walk2sun at arcor.de
Wed Sep 16 15:22:29 UTC 2015
On 17:07:40 wrote L.P.H. van Belle:
> On this subject..
> I asked Jim directly for some extra info, since im lots in the
> As i understand he needs a "local" and Ad users.
> Maybe this is usefull
> When the user log in for the first time, a local user is created in
> /etc/passwd and primary group created in /etc/group, and a local
> home directory is created in /home. This is useful on roaming
> computers when the password is set up to be cached by for example
> libpam-ccreds or sssd to allow login without network connectivity
> using the password provided by a network authentication service like
> Kerberos or LDAP.
> And some extra info on this
Not each working solution should be used. This document descripes
one potentaly dangerous solution.
* LDAP_TLS_REQCERT = never * and * LDAP_URI = ldap://ldap *
These combined settings tells your local ldap libs to communicate
unencryted with your AD server. This happens in all networks, trusted
More information about the samba