[Samba] Changing default UID/GID beginning for AD

mathias dufresne infractory at gmail.com
Fri Jun 10 14:37:07 UTC 2016

In short, when Samba joined to AD:
On DC:
winbind[d] is designed to refuse AD users on DC, to do that all users from
AD get shell=/bin/false for their connection tries are refused by DC

On Members:
You just have to set a shell in AD LDAP tree using RFC2307 attributes, for
sheel it is "loginShell". Then winbind will give your users the shell you
defined. No sheel defined and you fallbck on "template shell" which by
default is set to /bin/false.

2016-06-10 16:16 GMT+02:00 Rowland penny <rpenny at samba.org>:

> On 10/06/16 14:45, Daniel Thielking wrote:
>> Dear Colleagues,
>> we have a Samba4 DC in our environment. We are storing unix Information
>> in samba's AD.
>> Our Problem is:
>> The default values are not fitting for our environment.
>> We want to store a different Shell e.g /bin/tcsh. But the default Value
>> is /bin/sh.
>> Is it possible, to change those default values so that it fits direct at
>> the creation of a user?
>> Regards and thanks
>> Daniel
> Yes, it may be possible to change the shell (and other things), but you
> are going to have to give us a bit more info. Do your users log into the DC
> ? or are they logging into a domain member, perhaps if you were to post
> your smb.conf.
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list