[Samba] Problem with Samba as Member to AD
Rowland Penny
rpenny at samba.org
Sun Jul 18 10:03:23 UTC 2021
On Sun, 2021-07-18 at 11:55 +0200, Mr Typo wrote:
> Yeah reading attributes from ad, like unixHomeDirectory and
> loginShell
>
> When i understand it right, i can use
> template homedir = /home/%U
>
> for default values and setting the unixHomeDirectory and loginShell
> if
> i want another value, correct?
Yes and no :-)
Yes, you can add them to AD, but no they will not be used unless you
use the winbind ad backend, try reading this:
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
and this:
https://wiki.samba.org/index.php/Idmap_config_ad
>
> currently i play with the below configuration but i just the the
> template values for every user. Any ideas?
>
> [global]
> workgroup = PFW
> realm = PFW.LOCAL
> security = ads
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> idmap config PFW:backend = ad
> idmap config PFW:schema_mode = rfc2307
> idmap config PFW:range = 10000-999999
> idmap config PFW:unix_nss_info = yes
> template homedir = /home/%U
> template shell = /bin/bash
> # idmap config PFW : backend = rid
> # idmap config PFW : range = 500-19999999
> # idmap config PFW : rangesize = 1000000
> winbind use default domain = true
> winbind enum users = no
> winbind offline logon = true
> log file = /var/log/samba/log.%m
> max log size = 50
> log level = 3
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
That looks okay.
Rowland
More information about the samba
mailing list