[Samba] pam_winbind and home folders
Piviul
piviul at riminilug.it
Thu Dec 15 08:23:38 UTC 2022
Sorry for the answer delay...
On 12/2/22 14:13, Rowland Penny via samba wrote:
> I think you are going to have to give us more info. For some reason,
> PAM seems to be treating the computers as users (which they are in AD,
> but rather special users), also it isn't winbind that creates home
> directories, it is a PAM plugin.
yes, you are right, in effect I can't find PC names in users
$ wbinfo --domain-users | grep $(hostname)
$
or in groups
$ wbinfo --domain-groups | grep $(hostname)
$
but for PAM the PC is a user:
$ getent passwd $(wbinfo --own-domain)\\$(hostname)$
DOMINIOCSA\psala-lx$:*:21298:10513::/home/DOMINIOCSA/psala-lx_:/bin/bash
and it is a group too:
$ getent group $(wbinfo --own-domain)\\$(hostname)$
DOMINIOCSA\psala-lx$:x:21298:DOMINIOCSA\psala-lx$
in my nsswitch.conf I have only set:
$ grep winbind /etc/nsswitch.conf
passwd: files winbind systemd
group: files winbind systemd
There is something else I have to do to instruct PAM how to get users?
> What OS ?
from debian stretch with built-in samba 4.5.16 to debian bookworm with
built-in samba 4.17.3.
> How have you set the mkhomedir option ?
$ grep mkhomedir /etc/security/pam_winbind.conf
mkhomedir = yes
> Why are the PC's connecting as users ?
I don't know, I was thinking was inside the smb protocol but... never
take anything for granted ;)
Best regards
Piviul
More information about the samba
mailing list