[Samba] unixHomeDirectory, loginShell, etc. on Samba4 AD DC
Harry Jede
walk2sun at arcor.de
Wed Sep 16 15:22:29 UTC 2015
On 17:07:40 wrote L.P.H. van Belle:
> On this subject..
> I asked Jim directly for some extra info, since im lots in the
> thread.
>
> As i understand he needs a "local" and Ad users.
>
> Maybe this is usefull
>
> libpam-mklocaluser
>
> When the user log in for the first time, a local user is created in
> /etc/passwd and primary group created in /etc/group, and a local
> home directory is created in /home. This is useful on roaming
> computers when the password is set up to be cached by for example
> libpam-ccreds or sssd to allow login without network connectivity
> using the password provided by a network authentication service like
> Kerberos or LDAP.
>
> And some extra info on this
> http://people.skolelinux.org/pere/blog/Caching_password__user_and_group_on_a_roaming_Debian_laptop.html
Not each working solution should be used. This document descripes
one potentaly dangerous solution.
* LDAP_TLS_REQCERT = never * and * LDAP_URI = ldap://ldap *
These combined settings tells your local ldap libs to communicate
unencryted with your AD server. This happens in all networks, trusted
or untrusted.
> Greetz,
>
> Louis
--
Regards
Harry Jede
More information about the samba
mailing list