[Samba] Unable to set up home share correctly

L.P.H. van Belle belle at bazuin.nl
Tue Oct 18 10:03:18 UTC 2016


Just one thing.. 

>    --profile-path="\\\\fileserver\\profiles\\kbudwi" \
>    --home-directory="\\\\fileserver\\home\\kbudwi" \

Use FQDN. ="\\\\fileserver.domain.tld\\.... 

https://technet.microsoft.com/en-us/library/cc974331(v=ws.10).aspx 

https://technet.microsoft.com/en-us/library/cc794753(v=ws.10).aspx 

Greetz, 

Louis 



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Udo Willke via
> samba
> Verzonden: dinsdag 18 oktober 2016 11:37
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Unable to set up home share correctly
> 
> Hello Rowland,
> 
> the home folder creation works now(!) It was a misunderstanding on my
> side. The key phrase in the wiki is:
> 
> "Close the users properties window with „OK“ to save the modification.
> **The users home directory is created on the fly during the save
> processes.**"
> 
> This is a different behaviour as with the "profiles" folders which are
> created during the first login with a new account. I thought it would be
> the same mechanism with the home shares too, which was wrong. Sorry for
> taking so much of your time.
> 
> Does folder creation also work when I create user accounts on the linux
> side with samba-tool
> 
> samba-tool user create kbuwi first_time_passwd \
>    --userou=CN=Users \
>    --surname="Willke" \
>    --given-name="Udo" \
>    --profile-path="\\\\fileserver\\profiles\\kbudwi" \
>    --home-drive="H" \
>    --home-directory="\\\\fileserver\\home\\kbudwi" \
>    --job-title="IT Specialist" \
>    --department="Some Department" \
>    --company="Some Company" \
>    --description="Some Description" \
>    --mail-address="Udo.Willke at somedomain.edu" \
>    --internet-address="http://somedomain.edu/somepage" \
>    --telephone-number="+49 123/4567890" \
>    --physical-delivery-office="Some Office" \
>    --nis-domain="mydomain" \
>    --unix-home="/var/share/samba/homes/kbudwi" \
>    --uid="$USERNAME" \
>    --uid-number="$uidNumber" \
>    --gid-number="$gidNumber" \
>    --gecos="$PRENAME $NAME" \
>    --login-shell="/bin/false" \
>    --must-change-at-next-login
> 
> 
> Is the command meant to be used in this way?
> 
> What I also noticed is, that wbinfo has the --allocate-gid und
> --allocate-uid options which could be used to assign the $uidNumber and
> $uidNumber variables in my script. However "samba-tool create user" is
> supposed to run as "root" on the DC while "wbinfo --allocate-gid" seems
> to give results only on the member server. Is there a possibility to run
> everything on the same machine? OK, the obvious solution is to execute
> it remotely over ssh.
> 
> Many thanks again and best regards
> 
> Udo
> 
> 
> 
> Am 17.10.2016 um 23:26 schrieb Rowland Penny via samba:
> > See inline comments:
> >
> > On Mon, 17 Oct 2016 23:09:34 +0200
> > Udo Willke via samba <samba at lists.samba.org> wrote:
> >
> >> Hello Rowland,
> >>
> >>>> Today, I followed the wiki page
> >>>> <https://wiki.samba.org/index.php/User_home_drives> with all the
> >>>> prerequisites. Unfortunately, the automatic home folder creation
> >>>> still does not work.
> >>> Just followed it myself and it does work against a Samba fileserver.
> >> Hmm, then I must be doing it wrong somehow ... :-[
> >>> Where do you expect the home directory to be created ?
> >> On the Samba member server as defined in the [home] share definition
> >> (and also as defined in the user profile (home drive/home share))
> >>
> >>> Is it on a Samba machine and if so what have you got in smb.conf ?
> >> Here comes my smb.conf of the member server == file server
> >>
> >> [global]
> >>       netbios name = FILESERVER2
> >>       security = ADS
> >>       workgroup = MYDOMAIN
> >>       realm = MYDOMAIN.LAN
> >>       server string = Virtual Server
> >>
> >>       log level = 5
> >>       log file = /var/log/samba/%m.log
> >>
> >>       password server = 192.168.6.8
> >>
> > It would be better if you let Samba find the AD DC
> >
> >>       dedicated keytab file = /etc/krb5.keytab
> >>       kerberos method = secrets and keytab
> >>
> >>       username map = /etc/samba/user.map
> >>
> >>       ;; Use settings from AD for login shell and home directory
> >>       winbind nss info = rfc2307
> >>       winbind trusted domains only = no
> >>       winbind use default domain = no
> >>       winbind enum users  = yes
> >>       winbind enum groups = yes
> >>       winbind refresh tickets = Yes
> >>       winbind cache time = 60
> >>
> >>       ;; Default idmap config used for BUILTIN and local
> >> accounts/groups idmap config * : backend = tdb
> >>       idmap config * : range = 2000-9999
> >>
> >>       ;; idmap config for domain MYDOMAIN
> >>       idmap config MYDOMAIN : backend = ad
> >>       idmap config MYDOMAIN : schema_mode = rfc2307
> >>       idmap config MYDOMAIN : range = 10000-99999
> >>
> >>       vfs objects = acl_xattr
> >>       map acl inherit = yes
> >>       store dos attributes = yes
> >>
> >>       load printers = no
> >>       printing = bsd
> >>       printcap name = /dev/null
> >>       disable spoolss = yes
> >>
> >>       template homedir = /var/share/samba/homes/%U
> > If you want to use the template line, you do not need the 'schema_mode'
> > line in 'idmap config'
> >
> >>
> >> [home]
> >>       path = /var/share/samba/homes
> >>       guest ok = no
> >>       read only = no
> >>       browseable = yes
> > Sure you are following the wiki page ?, just where on that page does it
> > tell you to add 'guest ok' and browseable' lines ??
> >
> >> [profiles]
> >>       path = /var/share/samba/profiles
> >>       read only = no
> >>       store dos attributes = yes
> >>       create mask = 0600
> >>       directory mask = 0700
> >>       guest ok = no
> >>       profile acls = yes
> >>       csc policy = disable
> > There is also a wiki page on setting up the profile share, see here:
> >
> > https://wiki.samba.org/index.php/Implementing_roaming_profiles
> >
> > I would look at the 'shares' wiki page again, follow it to letter,
> > adding the users & groups shown, removing any others not shown and see
> > if you can make it work.
> >
> > Rowland
> >
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba




More information about the samba mailing list