now that all permissions are right - if i create a new user on the win 2003
active directory and specify a home user under profile i will get " the
home
folder could not be created because: the network name cannot be found" I
know for sure I am getting that error because the user home folder doesn't
exist yet on the samba machine - is there any way to get the user home
created automatically once a new user are added to active directory.
Note: If the new user log in the linux terminal the home user will be
created automatically because i am using session required
/lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel umask=0077
in my pam.d/system_auth. how do i get the same thing working when i create a
user with active directory.
Thanks for you help
___________________________________________________________________________________________________________________________________________
I removed the "valid users = %S" and it worked - Thanks for you help
On 1/15/07, M Azer <azermina@gmail.com > wrote:Hello all,
I am running samba-3.0.23c-2 on Redhat 3 enterprise as ADS. I am able to see
the windows users and groups with wbinfo.
[root@itbox /]# getent passwd windowuser
windowuser:*:10000:10002:windowuser:/home/CAD/windowuser:/bin/bash
when i log to the network with one of the xp client machine i see home share
as well as a public share but i get access denied to both even after giving
the public share chmod 777 to everything on.
from the linux terminal i tried to:
[root@itbox /]# smbclient //itbox/windowuser -U windowuser
Password:
session setup failed: NT_STATUS_UNEXPECTED_NETWORK_ERROR
the second time I ran the same command i got:
[root@itbox /]# smbclient //itbox/windowuser -U windowuser
Password:
Domain=[CAD] OS=[Unix] Server=[Samba 3.0.23c-2]
tree connect failed: NT_STATUS_ACCESS_DENIED
all of my windows users are able to logon the linux termainl with their
windows username and password
[global]
#ADS
security = ADS
workgroup = CAD
realm = CAD.TESTDOMAIN
netbios name = itbox
preferred master = no
password server = 192.168.1.6
client use spnego = yes
server signing = auto
encrypt passwords = yes
#winbind
winbind separator = +
idmap uid = 1000-20000
idmap gid = 1000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind cache time = 0
winbind nested groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
#logs
log file = /var/log/samba/%m.log
log level = 3
max log size= 50
#extras
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
hosts allow = 192.168.1. 192.168.0. 127.
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[data]
path = /data
public = yes
writable = yes
browseable = yes
I see you have "template homedir = /home/%D/%U". Did you create the directory /home/CAD? It is not created automatically, and that is one thing that seems to be left out of the how-to's. I set the directory permissions to 770, owned by root*:*"DOMAIN+Domain Users". After doing this, all my user home directories were created on 1st login. Good luck, Dale M Azer wrote:> now that all permissions are right - if i create a new user on the win > 2003 > active directory and specify a home user under profile i will get " > the home > folder could not be created because: the network name cannot be found" I > know for sure I am getting that error because the user home folder > doesn't > exist yet on the samba machine - is there any way to get the user home > created automatically once a new user are added to active directory. > > Note: If the new user log in the linux terminal the home user will be > created automatically because i am using session required > /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel umask=0077 > in my pam.d/system_auth. how do i get the same thing working when i > create a > user with active directory. > > Thanks for you help > > ___________________________________________________________________________________________________________________________________________ > > > I removed the "valid users = %S" and it worked - Thanks for you help > > > On 1/15/07, M Azer <azermina@gmail.com > wrote:Hello all, > > I am running samba-3.0.23c-2 on Redhat 3 enterprise as ADS. I am able > to see > the windows users and groups with wbinfo. > > [root@itbox /]# getent passwd windowuser > windowuser:*:10000:10002:windowuser:/home/CAD/windowuser:/bin/bash > > when i log to the network with one of the xp client machine i see home > share > as well as a public share but i get access denied to both even after > giving > the public share chmod 777 to everything on. > > from the linux terminal i tried to: > [root@itbox /]# smbclient //itbox/windowuser -U windowuser > Password: > session setup failed: NT_STATUS_UNEXPECTED_NETWORK_ERROR > > the second time I ran the same command i got: > > [root@itbox /]# smbclient //itbox/windowuser -U windowuser > Password: > Domain=[CAD] OS=[Unix] Server=[Samba 3.0.23c-2] > tree connect failed: NT_STATUS_ACCESS_DENIED > > > all of my windows users are able to logon the linux termainl with their > windows username and password > > [global] > #ADS > security = ADS > workgroup = CAD > realm = CAD.TESTDOMAIN > netbios name = itbox > preferred master = no > password server = 192.168.1.6 > client use spnego = yes > server signing = auto > encrypt passwords = yes > #winbind > winbind separator = + > idmap uid = 1000-20000 > idmap gid = 1000-20000 > winbind enum users = yes > winbind enum groups = yes > winbind use default domain = yes > winbind cache time = 0 > winbind nested groups = yes > template homedir = /home/%D/%U > template shell = /bin/bash > #logs > log file = /var/log/samba/%m.log > log level = 3 > max log size= 50 > #extras > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > hosts allow = 192.168.1. 192.168.0. 127. > [homes] > comment = Home Directories > valid users = %S > read only = No > browseable = No > [data] > path = /data > public = yes > writable = yes > browseable = yes
On Mon, Jan 15, 2007 at 12:11:29PM -0500, M Azer wrote:> now that all permissions are right - if i create a new user on the win 2003 > active directory and specify a home user under profile i will get " the home > folder could not be created because: the network name cannot be found" I > know for sure I am getting that error because the user home folder doesn't > exist yet on the samba machine - is there any way to get the user home > created automatically once a new user are added to active directory. > > Note: If the new user log in the linux terminal the home user will be > created automatically because i am using session required > /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel umask=0077 > in my pam.d/system_auth. how do i get the same thing working when i create a > user with active directory.You might try adding the following to your smb.conf file: [global] obey pam restrictions = yes Ed Plese