john
2007-Sep-06 15:44 UTC
[Samba] Glitches adding homedir profiles to a samba share with AD MMC?
Hi all,
We have a mixed network environment with Samba servers providing file
storage for windows, Linux and MAC 0SX users. Authentication is
handled by Active Directory on Win2K SP. On our campus we allow
computer lab teachers to add users via the Active Directory MMC.
However we have a couple of issues which make this far from seamless:
After users are added to AD, the lab admin will add a home directory
path to the users profile using the MMC. The path will be something
like \\sambaserver\students\2009\%username% (the %username%
variable expands to the username of the profiles owner)
We are presented with an error message letting us know that the user
directory couldn't be created because Domain Admins don't have
sufficient privleages to create the directory, although AD will update
the path in the user profile.
When we look at the Share in samba however we see that the directory
_was_ created, but that it is owned by root rather than the user.
We then must log on the SAMBA server and chown the directory to be
owned by the proper user and group.
I am hoping I can adjust permission in such a way that I won't have to
go back in and clean up things after a new user has been added through
AD.
Thanks for any ideas!
John
The relevant portion of smb.conf looks like this:
[ALLSTUDENTS]
path = /home/ALLSTUDENTS
# valid users = %S
readonly = no
writable = yes
printable = no
create mode = 0700
directory mode = 0700
admin users = @"VANGUARD\domain admins"
@"VANGUARD\mcmcomputer admins"
vfs objects = recycle
recycle: config-files = /etc/samba/samba-recycle.conf
The top level of the share /home/ALLSTUDENTS under linux all have 755
permissions
drwxr-xr-x 184 root root 12288 2007-09-01 18:21 2008
drwxr-xr-x 187 root root 12288 2007-09-01 18:26 2009
drwxr-xr-x 196 root root 12288 2007-09-01 19:19 2010
drwxr-xr-x 206 root root 12288 2007-09-01 17:32 2011
drwxr-xr-x 152 root root 4096 2007-09-01 18:14 2012
drwxr-xr-x 130 root root 4096 2007-09-06 07:22 2013
drwxr-xr-x 139 root root 4096 2007-09-05 19:53 2014
drwxr-xr-x 121 root root 12288 2007-09-05 19:52 2015
drwxr-xr-x 2 root root 4096 2007-09-01 15:54 2016
drwxr-xr-x 2 root root 4096 2007-08-02 13:41 2017
drwxr-xr-x 2 root root 4096 2007-08-02 13:41 2018
drwxr-xr-x 2 root root 4096 2007-08-02 13:41 2019
Maybe Matching Threads
- Why won't %username% variable work when adding users to samba share?
- Is there a simple way to let particular windows users have read/write on ALL samba shares?
- NSLCD works, do I need RFC2307 extensions enabled in AD as well?
- NSLCD works, do I need RFC2307 extensions enabled in AD as well?
- NSLCD works, do I need RFC2307 extensions enabled in AD as well?
Wisdom of the Ancients
