Hi all, in a domain member PC, I have configured winbind to create home directories for domain users, setting to yes the parameter mkhomedir in /etc/security/pam_winbind.conf. All seems to work: when a user browse or connect this domain member the user home folder is automatically created on users home folder. But in the users home folder I can find even a folder for every host that browsed or connect to this member: there is no way to instruct winbind don't create folders for PCs member? Best regards Piviul
On 31/05/2021 15:44, Piviul via samba wrote:> Hi all, in a domain member PC, I have configured winbind to create > home directories for domain users, setting to yes the parameter > mkhomedir in /etc/security/pam_winbind.conf. > > All seems to work: when a user browse or connect this domain member > the user home folder is automatically created on users home folder. > But in the users home folder I can find even a folder for every host > that browsed or connect to this member: there is no way to instruct > winbind don't create folders for PCs member? > > Best regards > > Piviul > >What OS is this ? Normally, the users Unix home directory is the one shown by 'getent passwd USERNAME' , So I have no idea where your extra folders are coming from. Can you post your smb.conf and the contents of /etc/security/pam_winbind.conf Rowland
Il 31/05/21 17:47, Rowland penny via samba ha scritto:> [...] > What OS is this ?$ lsb_release -a No LSB modules are available. Distributor ID:??? Debian Description:??? Debian GNU/Linux 10 (buster) Release:??? 10 Codename:??? buster> Normally, the users Unix home directory is the one shown by 'getent > passwd USERNAME' ,mhhh.... in effect if I run the command getent passwd using a hostname instead of a username I get something similar to: # getent passwd <domain>\\<hostname>$ <domain>\<hostname>$:*:22110:10513::/home/<domain>/<hostname>_:/bin/bash There is something wrong in domain configuration?> So I have no idea where your extra folders are coming from. Can you > post your smb.conf and the contents of /etc/security/pam_winbind.conf$ testparm # Global parameters [global] ??? log file = /var/log/samba/log.%m ??? logging = file ??? map to guest = Bad User ??? max log size = 1000 ??? obey pam restrictions = Yes ??? pam password change = Yes ??? panic action = /usr/share/samba/panic-action %d ??? realm = AD.CSARICERCHE.COM ??? security = ADS ??? server min protocol = NT1 ??? server string = %h server ??? template shell = /bin/bash ??? usershare allow guests = Yes ??? winbind refresh tickets = Yes ??? wins server = 192.168.64.2 ??? workgroup = DOMINIOCSA ??? idmap config dominiocsa : range = 10000-24999 ??? idmap config dominiocsa : backend = rid ??? idmap config * : range = 3000-9999 ??? idmap config * : backend = tdb ??? printing = bsd [homes] ??? browseable = No ??? comment = Home Directories ??? create mask = 0700 ??? directory mask = 0700 ??? read only = No [printers] ??? browseable = No ??? comment = All Printers ??? create mask = 0700 ??? path = /var/spool/samba ??? printable = Yes [print$] ??? comment = Printer Drivers ??? path = /var/lib/samba/printers ??? write list = "@DOMINIOCSA\domain admins" [mailPDF] ??? comment = Conversione in PDF: consegna via email ??? lpq command ??? path = /tmp ??? printable = Yes ??? print command = /opt/scripts/bin/convertPDF.sh "%s" "%J" "%p" "%m" 'default' 1 [...] and this is my pam_winbind.conf (I omitted the rows that begin with # or ; and then I removed the empty rows): $ # grep -v ^[#\;].*$ /etc/security/pam_winbind.conf | grep -v ^[[:space:]]*$ [global] mkhomedir = yes