[Samba] Unable to set up home share correctly

Rowland Penny rpenny at samba.org
Mon Oct 17 21:26:24 UTC 2016 

See inline comments:

On Mon, 17 Oct 2016 23:09:34 +0200
Udo Willke via samba <samba at lists.samba.org> wrote:

> Hello Rowland,
> 

> >> Today, I followed the wiki page
> >> <https://wiki.samba.org/index.php/User_home_drives> with all the
> >> prerequisites. Unfortunately, the automatic home folder creation
> >> still does not work.
> > Just followed it myself and it does work against a Samba fileserver.
> Hmm, then I must be doing it wrong somehow ... :-[
> >
> > Where do you expect the home directory to be created ?
> 
> On the Samba member server as defined in the [home] share definition 
> (and also as defined in the user profile (home drive/home share))
> 
> > Is it on a Samba machine and if so what have you got in smb.conf ?
> 
> Here comes my smb.conf of the member server == file server
> 
> [global]
>      netbios name = FILESERVER2
>      security = ADS
>      workgroup = MYDOMAIN
>      realm = MYDOMAIN.LAN
>      server string = Virtual Server
> 
>      log level = 5
>      log file = /var/log/samba/%m.log
> 
>      password server = 192.168.6.8
> 
It would be better if you let Samba find the AD DC

>      dedicated keytab file = /etc/krb5.keytab
>      kerberos method = secrets and keytab
> 
>      username map = /etc/samba/user.map
> 
>      ;; Use settings from AD for login shell and home directory
>      winbind nss info = rfc2307
>      winbind trusted domains only = no
>      winbind use default domain = no
>      winbind enum users  = yes
>      winbind enum groups = yes
>      winbind refresh tickets = Yes
>      winbind cache time = 60
> 
>      ;; Default idmap config used for BUILTIN and local
> accounts/groups idmap config * : backend = tdb
>      idmap config * : range = 2000-9999
> 
>      ;; idmap config for domain MYDOMAIN
>      idmap config MYDOMAIN : backend = ad
>      idmap config MYDOMAIN : schema_mode = rfc2307
>      idmap config MYDOMAIN : range = 10000-99999
> 
>      vfs objects = acl_xattr
>      map acl inherit = yes
>      store dos attributes = yes
> 
>      load printers = no
>      printing = bsd
>      printcap name = /dev/null
>      disable spoolss = yes
> 
>      template homedir = /var/share/samba/homes/%U

If you want to use the template line, you do not need the 'schema_mode'
line in 'idmap config'

> 
> 
> [home]
>      path = /var/share/samba/homes
>      guest ok = no
>      read only = no
>      browseable = yes

Sure you are following the wiki page ?, just where on that page does it
tell you to add 'guest ok' and browseable' lines ?? 

> 
> [profiles]
>      path = /var/share/samba/profiles
>      read only = no
>      store dos attributes = yes
>      create mask = 0600
>      directory mask = 0700
>      guest ok = no
>      profile acls = yes
>      csc policy = disable
> >

There is also a wiki page on setting up the profile share, see here:

https://wiki.samba.org/index.php/Implementing_roaming_profiles

I would look at the 'shares' wiki page again, follow it to letter,
adding the users & groups shown, removing any others not shown and see
if you can make it work.

Rowland

More information about the samba mailing list