Background: 10 windows clients which also boot linux
and solaris. A samba PDC+LDAP(ver 3.0.22) working on
a server local to the clients(ie on same subnet).
Recently recieved large Sun fileserver to house all
homes and lab data. It is hosted in the server room
used by our university(so different subnet). All user
and nis info is in our ldap server, so autofs is used
on all of our linux and solaris boxes.
Right now all homes are automounted to the Samba PDC
server, so those posix locking errors show up. I read
about the nis homedir and homedir map options and
installed samba on the fileserver as a domain member.
I can link directly to it using map network drive in
windows. But when I log into the windows clients, the
PDC still serves the homes from itself(having them
automounted). My understanding was that these options
would tell the client to do a smb connect to the
filesever for the home directories.
Here is the smb.conf of the PDC:
[global]
workgroup = CBI
netbios name = PDC
map to guest = Bad User
encrypt passwords = yes
passdb backend = ldapsam:ldap://xxx.xxx.xxx.xxx
log level = 2
syslog = 0
time server = Yes
deadtime = 10
socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-group-del
'%g'
add user to group script = /usr/sbin/smbldap-groupmod
-m '%u' '%g'
delete user from group script /usr/sbin/smbldap-groupmod -x '%u'
'%g'
set primary group script = /usr/sbin/smbldap-usermod
-g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w
'%u'
logon path = \\%L\profiles
logon drive = X:
logon home = \\%L\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=samba,ou=DSA,dc=xxx,dc=xxx,dc=xxx
ldap group suffix = ou=group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=machines
ldap passwd sync = Yes
ldap suffix = dc=xxx,dc=xxx,dc=xxx
ldap ssl = start tls
ldap user suffix = ou=people
## printer admin = '@Print, Operators'
printing = cups
create mask = 0640
directory mask = 0750
case sensitive = No
dont descend /proc,/dev,/etc,/lib,/lost+found,/initrd
nis homedir = yes
homedir map = auto.home
[homes]
comment = Home Directories
path = %p
valid users = %S
read only = No
directory mask = 0700
locking = No
[netlogon]
comment = Network Logon Service
path = /etc/samba/netlogon
guest ok = Yes
[profiles]
path = /home/%u/.profile
valid users = %U, '@Domain, Admins'
force user = %U
read only = No
create mask = 0600
directory mask = 0700
profile acls = Yes
browseable = No
csc policy = disable
And here is the smb.conf of the fileserver:
[global]
interfaces = ce0 127.0.0.1
bind interfaces only = yes
encrypt passwords = yes
workgroup = CBI
security = domain
name resolve order = wins bcast host
deadtime = 5
ldap machine suffix = ou=machines
ldap admin dn cn=samba,ou=DSA,dc=xxx,dc=xxx,dc=xxx
preferred master = no
ldap idmap suffix = ou=Idmap
allow trusted domains = yes
netbios name = cajal
lanman auth = YES
ldap group suffix = ou=group
wins support = no
ldap user suffix = ou=people
ldap suffix = dc=xxx,dc=xxx,dc=xxx
ldap passwd sync = Yes
ldap ssl = start tls
wins server = xxx.xxx.xxx.xxx
max smbd processes = 0
server string = cajal
winbind trusted domains only = Yes
os level = 8
passdb backend ldapsam:ldap://xxx.xxx.xxx.xxx
socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
# auth methods = guest winbind
local master = no
domain master = no
use spnego = yes
# printer admin = @admin, @staff, unknown
ntlm auth = YES
syslog = 0
log level = 0
[homes]
read only = No
valid users = %S
comment = Home Directories
path = /tray1/home/%u
Any ideas?
Physics is like sex: sure, it may give some practical results, but that's
not why we do it. ~ Richard Feynman
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
