[Samba] Password changes and syncing passwords with Linux accounts
lists at oak-wood.co.uk
Tue Feb 16 12:38:03 UTC 2016
On 16/02/16 09:32, Rowland penny wrote:
> I would suggest that you start here:
> Some of the info is also applicable if you use a DC as a fileserver
> and you will have to click on links to get the full info.
OK. I've done my best to try and understand this. I presume that as the
machine is the AD-DC it's already a member of the AD. A key point seemed
to be nsswitch.conf, which I have changed. Now getent passwd does return
all the domain accounts, but all the login shells are returned as
/bin/false and home directories as /home/MYDOMAIN/someuser
This is despite the fact that looking directly at the LDAP records my
own account says loginShell /bin/bash and unixHomeDirectory /home/chris.
An attempt to login fails because "Could not chdir to home directory
/home/MYDOMAIN/chris: No such file or directory" (I'm actually surprised
it wasn't the /bin/false that was the deciding factor)
template homedir = /home/%U
template shell = /bin/bash
gets the shell to /bin/bash, but for everyone. But the home directory
for all users becomes /home/%U, ie no substitution of %U is done. How
can I get the shells and home directories to be returned as desired?
Also, the username is always preceded by MYDOMAIN\. Oddly as well,
wbinfo -u includes both a 'chris' and a 'MYDOMAIN\chris', and getent
passwd returns two separate MYDOMAIN\chris lines. Whether this is a
problem I don't know, but there doesn't seem much point in going further
until I can at least see sensible shells and home directories.
More information about the samba