[Samba] Password changes and syncing passwords with Linux accounts

Chris Hastie lists at oak-wood.co.uk
Tue Feb 16 12:38:03 UTC 2016

On 16/02/16 09:32, Rowland penny wrote:
> I would suggest that you start here:
> https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
> Some of the info is also applicable if you use a DC as a fileserver 
> and you will have to click on links to get the full info.

OK. I've done my best to try and understand this. I presume that as the 
machine is the AD-DC it's already a member of the AD. A key point seemed 
to be nsswitch.conf, which I have changed. Now getent passwd does return 
all the domain accounts, but all the login shells are returned as 
/bin/false and home directories as /home/MYDOMAIN/someuser

This is despite the fact that looking directly at the LDAP records my 
own account says loginShell /bin/bash and unixHomeDirectory /home/chris. 
An attempt to login fails because "Could not chdir to home directory 
/home/MYDOMAIN/chris: No such file or directory" (I'm actually surprised 
it wasn't the /bin/false that was the deciding factor)

     template homedir = /home/%U
     template shell = /bin/bash

gets the shell to /bin/bash, but for everyone. But the home directory 
for all users becomes /home/%U, ie no substitution of %U is done. How 
can I get the shells and home directories to be returned as desired?

Also, the username is always preceded by MYDOMAIN\. Oddly as well, 
wbinfo -u includes both a 'chris' and a 'MYDOMAIN\chris', and getent 
passwd returns two separate MYDOMAIN\chris lines. Whether this is a 
problem I don't know, but there doesn't seem much point in going further 
until I can at least see sensible shells and home directories.



More information about the samba mailing list