[Samba] libpam-winbind mkhomedir

Piviul piviul at riminilug.it
Tue Jun 1 07:08:52 UTC 2021 

Il 31/05/21 17:47, Rowland penny via samba ha scritto:
> [...]
> What OS is this ?
$ lsb_release -a
No LSB modules are available.
Distributor ID:    Debian
Description:    Debian GNU/Linux 10 (buster)
Release:    10
Codename:    buster


> Normally, the users Unix home directory is the one shown by 'getent 
> passwd USERNAME' , 

mhhh.... in effect if I run the command getent passwd using a hostname 
instead of a username I get something similar to:

# getent passwd <domain>\\<hostname>$

<domain>\<hostname>$:*:22110:10513::/home/<domain>/<hostname>_:/bin/bash

There is something wrong in domain configuration?


> So I have no idea where your extra folders are coming from. Can you 
> post your smb.conf and the contents of /etc/security/pam_winbind.conf

$ testparm

# Global parameters
[global]
     log file = /var/log/samba/log.%m
     logging = file
     map to guest = Bad User
     max log size = 1000
     obey pam restrictions = Yes
     pam password change = Yes
     panic action = /usr/share/samba/panic-action %d
     realm = AD.CSARICERCHE.COM
     security = ADS
     server min protocol = NT1
     server string = %h server
     template shell = /bin/bash
     usershare allow guests = Yes
     winbind refresh tickets = Yes
     wins server = 192.168.64.2
     workgroup = DOMINIOCSA
     idmap config dominiocsa : range = 10000-24999
     idmap config dominiocsa : backend = rid
     idmap config * : range = 3000-9999
     idmap config * : backend = tdb
     printing = bsd


[homes]
     browseable = No
     comment = Home Directories
     create mask = 0700
     directory mask = 0700
     read only = No


[printers]
     browseable = No
     comment = All Printers
     create mask = 0700
     path = /var/spool/samba
     printable = Yes


[print$]
     comment = Printer Drivers
     path = /var/lib/samba/printers
     write list = "@DOMINIOCSA\domain admins"


[mailPDF]
     comment = Conversione in PDF: consegna via email
     lpq command =
     path = /tmp
     printable = Yes
     print command = /opt/scripts/bin/convertPDF.sh "%s" "%J" "%p" "%m" 
'default' 1
[...]

and this is my pam_winbind.conf (I omitted the rows that begin with # or 
; and then I removed the empty rows):

$ # grep -v ^[#\;].*$ /etc/security/pam_winbind.conf | grep -v 
^[[:space:]]*$
[global]
mkhomedir = yes

More information about the samba mailing list