[Samba] Samba AD domain member and home directory creation

Denis Cardon dcardon at tranquil.it
Thu Feb 9 19:07:08 UTC 2017 

Hi Dario,

> On a Centos 7 minimal fresh install I have follow this howto:
>
> http://www.hexblot.com/blog/centos-7-active-directory-and-samba
>
> and I have Joining to an Active Directory server without problem.
>
> The command "id administrator" work great, the home directory (/home/us
> er at srl) is successfully created if I run "su - user" or "ssh
> user at localhost" from a shell command.
>
> Ad this point I have add the [homes] session to smb.conf
>
>     [homes]
>         comment = Home Directories
>         browseable = No
>         inherit acls = Yes
>         read only = No
>         valid users = %S %D%w%S
>
> an also this work fine, but only if I run before "su - user" or I
> create manually the user's home directory.
>
> My question is:
>
>     There is some way to create automatically this home directory when
>     the user access to it the first time via smbclient or another WinPC?

you can add a "root preexec=/opt/create_home.sh " parameter [1] in the 
share definition and create the home and set the owner/mask in the shell 
script. As the name implies, it will execute the script as root before 
giving access to the share to the user. I have not tested it with 
selinux enabled though.

Cheers,

Denis

[1] https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html , 
search for "root preexec"


>
> Many thanks.
>
> P.S. This is my testparm -s:
>
>> Server role: ROLE_DOMAIN_MEMBER
>>
>> # Global parameters
>> [global]
>>         realm = SRL.LOCAL
>>         workgroup = SRL
>>         log file = /var/log/samba/log.%m
>>         max log size = 50
>>         load printers = No
>>         printcap name = /dev/null
>>         security = ADS
>>         idmap config * : backend = tdb
>>         cups options = raw
>>         hosts allow = 127. 192.168.1.
>>
>>
>> [homes]
>>         comment = Home Directories
>>         browseable = No
>>         inherit acls = Yes
>>         read only = No
>>         valid users = %S %D%w%S
>>
>>
>> [dati]
>>         comment = Area pubblica
>>         path = /u/samba/dati
>>         read only = No
>>

-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr

More information about the samba mailing list