[Samba] libpam-winbind mkhomedir
Piviul
piviul at riminilug.it
Thu Jun 3 08:43:13 UTC 2021
Sorry for the delay, I've gone out for some days...
Il 01/06/21 09:52, Rowland penny via samba ha scritto:
> [...]
> No, there is nothing wrong with the domain configuration (as such),
> but there is something wrong with your understanding of AD. A computer
> in AD is just a user with an extra objectclass (funnily enough, this
> objectclass is called 'computer'), so you shouldn't really be running
> getent using a computer name . This doesn't affect Linux unless your
> computers gain a uidNumber and congratulations, you appear to have
> found a bug. Can you try removing what you added to
> /etc/security/pam_winbind.conf and then run pam-auth-update and ensure
> 'Create home directory on login' is enabled. This may cure your problem.
Hi Rowland, I'm not the one that ask a uidNumber to a PC name, but I
guess that some program does: I continue to see computer's names in
domain home directory even if I delete them.
>>> So I have no idea where your extra folders are coming from. Can you
>>> post your smb.conf and the contents of /etc/security/pam_winbind.conf
>>
>> $ testparm
>>
>> # Global parameters
>> [global]
>> log file = /var/log/samba/log.%m
>> logging = file
>> map to guest = Bad User
>> max log size = 1000
>> obey pam restrictions = Yes
>> pam password change = Yes
>> panic action = /usr/share/samba/panic-action %d
>> realm = AD.CSARICERCHE.COM
>> security = ADS
>> server min protocol = NT1
>> server string = %h server
>> template shell = /bin/bash
>> usershare allow guests = Yes
>> winbind refresh tickets = Yes
>> wins server = 192.168.64.2
>
>
> 'wins' in AD ?????
...ooops! I don't know how that was happened, the wins server param gone
in my smb.conf; any way I've removed it now, thank you Rowland.
Reading further in the post, seems me to understand that I can hope in
the next future to stop to see PC's home folders in the domain users
home folder?
Best regards
Piviul
More information about the samba
mailing list