Nicki Messerschmidt, Linksystem Muenchen GmbH
2003-May-21 09:15 UTC
[Samba] smb.conf variable expansion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi List, with samba 2.2.3a-12 (debian stable release) I had the problem that following was not possible, because the variable %u was not expanded at the right time: In the following example I would like to have a directory structure with /home/samba/<username>/(profile|samba), this would make it possible to create this dir via /etc/skel and pam_mkhomedir, but the last time I tested this it was not working, because samba searched for "\\brain\%U\profile" as the profile dir with %U not expanded. This was my smb.conf: - --- not working smb.conf --- [global] logon drive = U: logon home = "\\brain\%U" logon path = \\brain\%U\profile [homes] path=/home/samba/%u/samba browsable = no read only = no create mask = 0700 directory mask = 0700 # I also tried # [profile] # comment = Pofile of user # path = /home/samba/%U/profile # guest ok = no # writable = yes # browseable = no - --- end of not working smb.conf --- Now I use a directory structure, where the homedir lies at /home/samba/<username> and the profile is at /home/samba/profile/<username>, but this cannot easily be created by pam_mkhomedir. This is my smb.conf at the moment: - --- working smb.conf --- [global] logon drive = U: logon home = "\\brain\%U" logon path = "\\brain\profile\%u" [profile] comment = Pofile of user path = /home/samba/profile guest ok = no writable = yes browseable = no [homes] path=/home/samba/%u/samba browsable = no read only = no create mask = 0700 directory mask = 0700 - --- end of working smb.conf --- And before I try to reconfigure everythin I want to know if anyone has a solution to achieve something like the first example I so miserably failed to implement... Thanks and Cheers Nicki - -- Linksystem Muenchen GmbH info@link-m.de Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com> Comment: Keys at: https://www.link-m.de/pgp iQA/AwUBPss1ues1nPm17iBDEQKU5gCgg3zY+L7an2U2l7Q0NFJdbxns+VkAoP8u 55zoeMzmxGG/qZXpLKhQEe7h =8Fx5 -----END PGP SIGNATURE-----
I read man 2.2.8a and this say: logon home (G) This parameter specifies the home directory location when a Win95/98 or NT Workstation logs into a Samba PDC. It allows you to do C:\> NET USE H: /HOME from a command prompt, for example. This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine. This parameter can be used with Win9X workstations to ensure that roaming profiles are stored in a subdirectory of the user's home directory. This is done in the following way: logon home = \\%N\%U\profile This tells Samba to return the above string, with substitutions made when a client requests the info, generally in a NetUserGetInfo request. Win9X clients truncate the info to \\server\share when a user does net use /home but use the whole string when dealing with profiles. ! Note that in prior versions of Samba, the logon path was returned rather than logon home. This broke net use /home but allowed profiles outside the home directory. The current implementation is correct, and can be used for profiles if you use the above trick. This option is only useful if Samba is set up as a logon server. Default: logon home = "\\%N\%U" Example: logon home = "\\remote_smb_server\%U" logon path (G) This parameter specifies the home directory where roaming profiles (NTuser.dat etc files for Windows NT) are stored. Contrary to previous versions of these manual pages, it has nothing to do with Win 9X roaming profiles. To find out how to handle roaming profiles for Win 9X system, see the logon home parameter. This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine. It also specifies the directory from which the "Application Data", (desktop, start menu, network neighborhood, programs and other folders, and their contents, are loaded and displayed on your Windows NT client. The share and the path must be readable by the user for the preferences and directories to be loaded onto the Windows NT client. The share must be writeable when the user logs in for the first time, in order that the Windows NT client can create the NTuser.dat and other directories. Thereafter, the directories and any of the contents can, if required, be made read-only. It is not advisable that the NTuser.dat file be made read-only - rename it to NTuser.man to achieve the desired effect (a MANdatory profile). Windows clients can sometimes maintain a connection to the [homes] share, even though there is no user logged in. Therefore, it is vital that the logon path does not include a reference to the homes share (i.e. setting this parameter to \%N\%U\profile_path will cause problems). This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine. Note that this option is only useful if Samba is set up as a logon server. Default: logon path = \\%N\%U\profile Example: logon path = \\PROFILESERVER\PROFILE\%U Try you use this info and upgrade to 2.2.8a from samba ftp. Bye. ----- Original Message ----- From: "Nicki Messerschmidt, Linksystem Muenchen GmbH" <samba@alienn.net> To: <samba@lists.samba.org> Cc: "Charles Trtanj" <c.trtanj@buero.link-m.de> Sent: Wednesday, May 21, 2003 11:15 AM Subject: [Samba] smb.conf variable expansion> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi List, > with samba 2.2.3a-12 (debian stable release) I had the problem that > following was not possible, because the variable %u was not expanded at > the right time: > > In the following example I would like to have a directory structure > with /home/samba/<username>/(profile|samba), this would make it > possible to create this dir via /etc/skel and pam_mkhomedir, but the > last time I tested this it was not working, because samba searched for > "\\brain\%U\profile" as the profile dir with %U not expanded. This was > my smb.conf: > - --- not working smb.conf --- > [global] > logon drive = U: > logon home = "\\brain\%U" > logon path = \\brain\%U\profile > > > [homes] > path=/home/samba/%u/samba > browsable = no > read only = no > create mask = 0700 > directory mask = 0700 > > # I also tried > # [profile] > # comment = Pofile of user > # path = /home/samba/%U/profile > # guest ok = no > # writable = yes > # browseable = no > - --- end of not working smb.conf --- > > Now I use a directory structure, where the homedir lies at > /home/samba/<username> and the profile is at > /home/samba/profile/<username>, but this cannot easily be created by > pam_mkhomedir. This is my smb.conf at the moment: > - --- working smb.conf --- > [global] > logon drive = U: > logon home = "\\brain\%U" > logon path = "\\brain\profile\%u" > > [profile] > comment = Pofile of user > path = /home/samba/profile > guest ok = no > writable = yes > browseable = no > > [homes] > path=/home/samba/%u/samba > browsable = no > read only = no > create mask = 0700 > directory mask = 0700 > - --- end of working smb.conf --- > > And before I try to reconfigure everythin I want to know if anyone has > a solution to achieve something like the first example I so miserably > failed to implement... > > > Thanks and Cheers > Nicki > > - -- > Linksystem Muenchen GmbH info@link-m.de > Schloerstrasse 10 http://www.link-m.de > 80634 Muenchen Tel. 089 / 890 518-0 > We make the Net work. Fax 089 / 890 518-77 > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com> > Comment: Keys at: https://www.link-m.de/pgp > > iQA/AwUBPss1ues1nPm17iBDEQKU5gCgg3zY+L7an2U2l7Q0NFJdbxns+VkAoP8u > 55zoeMzmxGG/qZXpLKhQEe7h > =8Fx5 > -----END PGP SIGNATURE----- > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba