[Samba] libpam-winbind mkhomedir
Rowland penny
rpenny at samba.org
Tue Jun 1 07:52:05 UTC 2021
On 01/06/2021 08:08, Piviul via samba wrote:
>
> Il 31/05/21 17:47, Rowland penny via samba ha scritto:
>> [...]
>> What OS is this ?
> $ lsb_release -a
> No LSB modules are available.
> Distributor ID: Debian
> Description: Debian GNU/Linux 10 (buster)
> Release: 10
> Codename: buster
Just saying Debian buster would have been enough 😂
>
>
>> Normally, the users Unix home directory is the one shown by 'getent
>> passwd USERNAME' ,
>
> mhhh.... in effect if I run the command getent passwd using a hostname
> instead of a username I get something similar to:
Ah, I now know where the spurious home directories are coming from.
>
> # getent passwd <domain>\\<hostname>$
>
> <domain>\<hostname>$:*:22110:10513::/home/<domain>/<hostname>_:/bin/bash
>
> There is something wrong in domain configuration?
No, there is nothing wrong with the domain configuration (as such), but
there is something wrong with your understanding of AD. A computer in AD
is just a user with an extra objectclass (funnily enough, this
objectclass is called 'computer'), so you shouldn't really be running
getent using a computer name . This doesn't affect Linux unless your
computers gain a uidNumber and congratulations, you appear to have found
a bug. Can you try removing what you added to
/etc/security/pam_winbind.conf and then run pam-auth-update and ensure
'Create home directory on login' is enabled. This may cure your problem.
>
>
>> So I have no idea where your extra folders are coming from. Can you
>> post your smb.conf and the contents of /etc/security/pam_winbind.conf
>
> $ testparm
>
> # Global parameters
> [global]
> log file = /var/log/samba/log.%m
> logging = file
> map to guest = Bad User
> max log size = 1000
> obey pam restrictions = Yes
> pam password change = Yes
> panic action = /usr/share/samba/panic-action %d
> realm = AD.CSARICERCHE.COM
> security = ADS
> server min protocol = NT1
> server string = %h server
> template shell = /bin/bash
> usershare allow guests = Yes
> winbind refresh tickets = Yes
> wins server = 192.168.64.2
'wins' in AD ?????
Rowland
More information about the samba
mailing list