[Samba] Ubuntu 18.04 classicupgrade help

Carl Hunter cdhunter2 at yahoo.com
Wed Jan 5 21:30:14 UTC 2022 

 On Wednesday, January 5, 2022, 04:03:07 p.m. EST, Rowland Penny via samba <samba at lists.samba.org> wrote:
 
 
 On Wed, 2022-01-05 at 20:55 +0000, Carl Hunter via samba wrote:
>  On Wednesday, January 5, 2022, 03:36:50 p.m. EST, Rowland Penny via
> samba <samba at lists.samba.org> wrote:
>  
>  
>  On Wed, 2022-01-05 at 20:23 +0000, Carl Hunter wrote:
> > On Wednesday, January 5, 2022, 03:04:32 p.m. EST, Rowland Penny via
> > samba <samba at lists.samba.org> wrote:
> > 
> > 
> > On Wed, 2022-01-05 at 19:42 +0000, Carl Hunter via samba wrote:
> > >  On Wednesday, January 5, 2022, 02:20:28 p.m. EST, Rowland Penny
> > via
> > > samba <samba at lists.samba.org> wrote:
> > >  
> > >  
> > > So my environment is one Ubuntu 18.04 server that's been
> > > classicupgraded to a Samba AD DC.
> > 
> > Samba does not recommend using a DC as a fileserver, could you run
> > another Samba instance as a fileserver (in a VM ?).
> > 
> > >  All machines connecting to the AD are Windows 7 machines and
> > > eventually Windows 10 machines. 
> > 
> > Windows 7 user SMBv1, but Windows 10 has this turned off by
> > default.
> > 
> > >  The server is running Samba file shares but no printserver. 
> > > Each
> > > user has their own /home folder on the file server and access to
> > > a
> > > few other shares which are mapped by a logon.cmd script when they
> > log
> > > in.  
> > 
> > Do you have this line in the smb.conf file:
> > 
> > template homedir = /home/%U
> > 
> > If you do not, your user will get /home/DOMAIN/%U
> > 
> > > For the example commands above, the students group was already
> > > created in the NT4 domain and converted to the AD domain.
> > 
> > You just need to add your users to the 'students' group (if they
> > are
> > not already members)
> > 
> > >  I do see a "Creating a Windows and Unix user" section on the
> > > samba
> > > wiki but I'm not sure what all the unix options mean. 
> > 
> > I think you mean here:
> > https://wiki.samba.org/index.php/Adding_users_with_samba_tool
> > 
> > Can you say which options you do not understand.
> > 
> > 
> > Rowland
> > 
> > Yes, I have that line in the smb.conf file.  Everything is working
> > fine for the users that were converted to AD in both Windows 7 and
> > Windows 10.  I'm just trying to figure out how to add new users
> > now.  
> > 
> > For the options I don't understand, I see a --unix-home option. 
> > Will
> > that create a home folder for me?  And then do I need the other 4
> > options in that list?  Basically I just need a home folder added
> > for
> > each user that they have access to through the samba share.  
> 
> If you are using a DC as a fileserver, you can forget all the RFC2307
> attributes except for the uidNumber & gidNumber (--uid-number & --
> gid-
> number), none of the others are used on a DC.
> 
> Rowland
> 
> So then I think I need something like this.  "sudo samba-tool user
> create username password --unix-home=/home/username --uid-
> number=something --gid-number=something"  Does this look correct?  

Not if you will never have any Unix domain members, the '--unix-home'
option will never be used on a Samba AD DC, the attribute will be added
to AD, but it will never be used.

> I'm not sure where the uid and gid values come from.  

You normally need to track them manually. 

Rowland
So if I'm understanding this correctly the home account for a users samba file share is independent of the AD user right?  So it sounds to me like I'm just replacing the pdbedit command with the two samba-tool commands.  One for the user, one for the group.  I'll still need the adduser command to actually create the users home folder.  
Thanks
Carl

More information about the samba mailing list