[Samba] domain member login

[Rowland Penny]

On Tue, 3 Jun 2025 12:58:34 -0400
Sonic via samba <samba at lists.samba.org> wrote:

> On Tue, Jun 3, 2025 at 1:49 AM Rowland Penny via samba
> <samba at lists.samba.org> wrote:
> > If your Debian Bookworm machine is joined to the domain correctly,
> > then everything should just work, including being able to login via
> > the GUI. Using sssd will not help and why should it, it is
> > basically winbind rewritten for freeipa.
> 
> Thank you.
> I was trying to login as DOMAIN\\username as I needed to with ssh,
> tried it just as username and that works great.
> However when a local user is added their home directory receives 700
> perms whereas the domain users get 755 perms in their home directory.
> Would like to change that to 700 as well.
> 

You do not really need 'local' users, Samba will make your AD users
into 'local' users. if a user logs in and the OS creates the users home
directory (using pam_mkhomedir and probably in /home/USERNAME), then
the permissions on the users home directory should get 700 permissions,
if connecting and logging in via Samba, then how the directory gets
created is up to you.

I think you need to describe your set up in a bit more detail, starting
with your smb.conf 

Rowland