Buchan Milne
2002-Apr-15 08:45 UTC
[Samba] Automatic creation of home directories when using winbind
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The parth that sometimes catches people is that you have to make the parent directory of the home directory. So if you are using : template homedir = /home/%D/%U You need to make /home/%D for each domain that you want to allow users from. Of course, what would be really nice is integration with pam_mount, so that users automatically mount a share on an existing server as their home directory. Unfortunately, this either requires the default domain parameter in samba-3.0-alpha, or some changes to pam_mount. Buchan | Message: 12 | Date: Thu, 11 Apr 2002 21:26:37 +0200 (CEST) | From: <dj@4ict.com> | To: <samba@lists.samba.org> | Subject: [Samba] Automatic creation of home directories when using winbind | | Hello, | | I've seen a couple of mails here asking how to automatically create home | directories for users that are being added to the system by winbind. | | The answer is using the pam_mkhomedir module as said in response to some | of those quesitons. But the help out a little more I've made a overview on | the exact proceedings of setting this up: | | You edit the pam configuration file for Samba. On a recent RedHat | system the directory "/etc/pam.d" contains pam configuration for all | services that require authentication. So you edit the "samba" file in that | directory, add this line to the file "/etc/pam.d/samba" : | | session required pam_mkhomedir.so skel=/etc/sambaskel umask=0022 | | Because the order is important in these pam configuration files you need | to put this line before all other lines that start with "session", but | after the lines that start with "auth" or "account". | | The "skel" parameter indicates which directory is used as skeleton. This | just means that everything that is inside the skel-directory is also | copied to the home directory being created. The "umask" parameter sets the | default permissions given to new files created in the home directory. See | "man umask" for more details. | | Next you need to tell Samba to use this pam configuration file. This first | of all means that Samba needs to be compiled with the "--use-pam" switch. | This can been taken care of by the makerpms.sh script you can use to make | a Samba rpm file. | | You also need the set the Samba parameter "obey pam restrictions" to yes | in your smb.conf file. Also read the explenation about this parameter in | the smb.conf man page to check if you also need to take care of other | things when setting this parameter to yes. | | That should be it. If you added a [homes] share and login with a user that | doesn't have a home dir on the Samba server it should be created. | | Enjoy it, | Tim | - -- |----------------Registered Linux User #182071-----------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE8uvUwrJK6UGDSBKcRAuPFAJ9yV3TMOiSEcgK26wPx8bVStHrkPwCgzKUX WefXGVgjuTUpL/uM2nxHgU8=veie -----END PGP SIGNATURE-----