[Samba] AD home drive

[Rowland penny]

On 13/06/2019 12:42, Praveen Ghimire via samba wrote:
> Hi ,
>
> We have an DC (Ubuntu18.04) which also acts as a file server. The server was recently classic upgraded to AD. Before that all the home drives were in /home. When we migrated to change we added the following in smb.conf to give users access to their existing home folders.
>
> The problem now is that when we create a user either using samba-tool create user username or smbpasswd or even via RSAT, it doesn't auto create the home drive. The samba-tool create takes the -home-drive directive but doesn't actually create the drive. Does this mean we need to create the home drive first(i.e /home/username/samba)? If so do we then need to setup permissions to those folders manually?

No, you need to add:

session    required   pam_mkhomedir.so skel=/etc/skel/ umask=0022

To /etc/pam.d/common-session

Your users will get their homedirs created at first logon.

>
> [homes]
>          comment = Home Directories
>          path = /home/%U/samba
>          read only = No
>          create mask = 0700
>          directory mask = 0700
>          directory mode = 0700
>          browseable = No
>          wide links = Yes
>          vfs objects = full_audit

I would change the above to:

[homes]
         comment = Home Directories
         path = /home/%U/samba
         read only = No
         vfs objects = full_audit

>
>
> The other question is that the /var/log/samba/log.%m file has become huge, 9 GB. Following the below , we added the max log size = 1000 in smb.conf and did the reload. The log file still hasn't rotated. Are we missing something ? The audit level is at 4
>
>
> https://wiki.samba.org/index.php/Configuring_Logging_on_a_Samba_Server
>
You will need to set up logrotating, see your distros documentation for 
how to do this

Rowland