[Samba] Users' Home Folders - conflicting advice in WiKi

[Alex MacCuish]

The way I do it, I create the home folder share on the server and set 
the required ACLs as in the wiki. Then I fill in the field in the ADUC 
Pane, Profile Path. Then I click ok. At that point, ADUC should open a 
connection to the share, create the new folder, set the acl correctly 
and then change the ownership.

pam_mkhomedir is for when you're logging in say via SSH and unix needs 
somewhere to put your dot files. It's not automatically mounted from the 
user home share. These are two separate concepts. pam_mkhomedir, as far 
as I know, never automatically creates home directories on the server in 
the user profile share.

On 10/04/2020 21:17, Viktor Trojanovic via samba wrote:
>
> On 10.04.2020 20:22, Rowland penny via samba wrote:
>> On 10/04/2020 18:02, Roy Eastwood via samba wrote:
>>> Rowland,
>>>
>>> In the Wiki page "User Home Folders", Section 2.1 "Using Windows ACLs"
>>> correctly describes how to set permissions to allow the Windows program
>>> Active Directory Users and Computers to automatically create the 
>>> user's home
>>> folder.   But in the next section  "Creating the Home folder for a 
>>> New User"
>>> 3.1 "Using Windows ACLs", the blue box states that ADUC cannot 
>>> automatically
>>> create home folders on a 'unix' machine.   Do you literally mean unix?
>>> Certainly on my Linux (Debian) machine it works OK.    Perhaps this 
>>> boxed
>>> comment needs amendment?
>>>
>>> Cheers,
>>>
>>> Roy
>>>
>> 'unix' = any version of Unix, Linux is a version of Unix.
>>
>> Are you sure that ADUC is creating the users home directory on your 
>> Linux machines ?
>>
>> As far as I am aware Samba doesn't have the code to do this and ADUC 
>> running on Windows has no ability to do it either.
>>
>> It could be that you have pam_mkhomedir set in your PAM stack and it 
>> is this that is creating your users home directories at login.
>>
>> Myself and Louis collaborated to write a 'root prexec' script to 
>> create the users home directory at Samba connection.
>>
>> To the best of my knowledge, you have to use one or the other method.
>>
>> Rowland
>>
>>
> Actually, this is something I noticed myself a (long) while ago.
>
> I am running Samba AD members on Arch Linux and Ubuntu machines, and 
> whatever PAM-config comes with the distro, if anything, is there, I 
> never changed or added anything - frankly, I don't know much about it, 
> yet. I checked just now and yes, there is a file /etc/pam.conf with 
> all lines commented out and multiple small files in /etc/pam.d/ which 
> I just grepped for 'mkdir', 'mkhomedir' and 'home'. No results.
>
> And yet, ADUC is creating the home directories for me. Not fully 
> automatically, though, I still have to provide ADUC the full name of 
> the folder. But still, it's a lot simpler than stated in the Wiki.
>
> Just fyi, I'm currently on 4.9 and 4.10, respectively, but if I 
> remember correctly, this worked already with 4.7.
>
> Viktor
>
>
>