On Wednesday, January 5, 2022, 04:03:07 p.m. EST, Rowland Penny via samba
<samba at lists.samba.org> wrote:
On Wed, 2022-01-05 at 20:55 +0000, Carl Hunter via samba
wrote:>? On Wednesday, January 5, 2022, 03:36:50 p.m. EST, Rowland Penny via
> samba <samba at lists.samba.org> wrote:
>?
>?
>? On Wed, 2022-01-05 at 20:23 +0000, Carl Hunter wrote:
> > On Wednesday, January 5, 2022, 03:04:32 p.m. EST, Rowland Penny via
> > samba <samba at lists.samba.org> wrote:
> >
> >
> > On Wed, 2022-01-05 at 19:42 +0000, Carl Hunter via samba wrote:
> > >? On Wednesday, January 5, 2022, 02:20:28 p.m. EST, Rowland Penny
> > via
> > > samba <samba at lists.samba.org> wrote:
> > >?
> > >?
> > > So my environment is one Ubuntu 18.04 server that's been
> > > classicupgraded to a Samba AD DC.
> >
> > Samba does not recommend using a DC as a fileserver, could you run
> > another Samba instance as a fileserver (in a VM ?).
> >
> > >? All machines connecting to the AD are Windows 7 machines and
> > > eventually Windows 10 machines.
> >
> > Windows 7 user SMBv1, but Windows 10 has this turned off by
> > default.
> >
> > >? The server is running Samba file shares but no printserver.
> > > Each
> > > user has their own /home folder on the file server and access to
> > > a
> > > few other shares which are mapped by a logon.cmd script when they
> > log
> > > in.?
> >
> > Do you have this line in the smb.conf file:
> >
> > template homedir = /home/%U
> >
> > If you do not, your user will get /home/DOMAIN/%U
> >
> > > For the example commands above, the students group was already
> > > created in the NT4 domain and converted to the AD domain.
> >
> > You just need to add your users to the 'students' group (if
they
> > are
> > not already members)
> >
> > >? I do see a "Creating a Windows and Unix user" section
on the
> > > samba
> > > wiki but I'm not sure what all the unix options mean.
> >
> > I think you mean here:
> > https://wiki.samba.org/index.php/Adding_users_with_samba_tool
> >
> > Can you say which options you do not understand.
> >
> >
> > Rowland
> >
> > Yes, I have that line in the smb.conf file.? Everything is working
> > fine for the users that were converted to AD in both Windows 7 and
> > Windows 10.? I'm just trying to figure out how to add new users
> > now.?
> >
> > For the options I don't understand, I see a --unix-home option.
> > Will
> > that create a home folder for me?? And then do I need the other 4
> > options in that list?? Basically I just need a home folder added
> > for
> > each user that they have access to through the samba share.?
>
> If you are using a DC as a fileserver, you can forget all the RFC2307
> attributes except for the uidNumber & gidNumber (--uid-number & --
> gid-
> number), none of the others are used on a DC.
>
> Rowland
>
> So then I think I need something like this.? "sudo samba-tool user
> create username password --unix-home=/home/username --uid-
> number=something --gid-number=something"? Does this look correct??
Not if you will never have any Unix domain members, the '--unix-home'
option will never be used on a Samba AD DC, the attribute will be added
to AD, but it will never be used.
> I'm not sure where the uid and gid values come from.?
You normally need to track them manually.
Rowland
So if I'm understanding this correctly the home account for a users samba
file share is independent of the AD user right?? So it sounds to me like I'm
just replacing the pdbedit command with the two samba-tool commands.? One for
the user, one for the group.? I'll still need the adduser command to
actually create the users home folder.??
Thanks
Carl