I have samba on the domain with winbind configured. I setup sshd to temporarily to allow me to login as a domain user. It wasn't working. I had template homedir set to /home/%D/%U. There was no /home/<domain> directory oh and I also had template shell set to /bin/false. At that point it would authenticate ok according to the logs but then immediatly exit. That made sense given the template shell. I went ahead and created the /home/<domain> directory in both all upper and lower case unsure which it would use and then changed the template shell to /bin/bash. I was then able to login with my domain user. Not enough. I deleted the two /home/<domain> directories and left the template shell set to bash to test whether or not it would automatically create the domain directory on it's own. It didn't and the login bombs even though authentication works. My question is this. Should samba/winbindd be able to create the domain directory on it's own or am I expected to create that my self. Also what would everyone recommend for template homedir? Would everyone consider it better practice to set it to /home/%U to utilize the unix account if it's already there or would you keep the domain and unix account seperate? Also I'm writing this in outlook and don't want to tick everyone off. I suspect that the autowrap is only autowrapping for me. Please let me know if I'm putting extra long line messages into the list so I know to use a carriage return. Sorry if I am. Thanks in advance for any and all help. =)
"Mahoney, Tom" wrote:> My question is this. > Should samba/winbindd be able to create the domain directory on it's own or > am I expected to create that my self. Also what would everyone recommend for > template homedir? Would everyone consider it better practice to set it to > /home/%U to utilize the unix account if it's already there or would you keep > the domain and unix account seperate?Even if you pointed it at the existing unix account, the uid the user gets during their login would not match anyway. So you pretty much have to create the /home/domain/user strucutre. I suggest using the 'pam_mkhomedir' PAM module to create the home directories. Samba will use this as well, if configured --with-pam, when 'obey pam restrictions = yes' and an /etc/pam.d/samba file is correctly setup. If you are wondering what a users homedir will look like, just finger them - it does the same calls everything else does to find out this kind of thing. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net