samba - Jan 2010 - I can not create Home DIR

when users enter the system can not see your home folder, or it asks
the username and password denuevo. My configuration is

Server + Samba + LDAP PDC
Samba server that only has the shared folders and are accessed via
winbind and pam

# Global settings
[global]
        display charset = LOCALE
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
        idmap gid = 1000-33554431
        passwd program = /usr/bin/passwd %u
        netbios name = srvsamba
        idmap uid = 1000-33554431
        dos charset = CP850
        local master = no
        workgroup = SERVER
        debug level = 9
        os level = 0
        security = domain
        log file = /var/log/samba/%m.log
        guest account = nobody
        smb passwd file = /etc/samba/smbpasswd
        load printers = no
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        wins server = 192.168.1.252
        map to guest = Bad User
        domain master = no
        encrypt passwords = yes
        realm         template shell = /bin/false
        server string = srvsamba
        winbind enum users = Yes
        password server = 192.168.1.252
        template homedir = /mnt/samba/home/%U
        winbind enum groups = Yes
        unix charset = UTF-8
        preferred master = no
        pam password change = yes
        winbind use default domain = no

[homes]
        comment = Home Directories
        browseable = no
        writeable = yes

add   valid users = %S to [homes] and restart samba and try again

Claudio Guzman wrote:
> when users enter the system can not see your home folder, or it asks
> the username and password denuevo. My configuration is
>
> Server + Samba + LDAP PDC
> Samba server that only has the shared folders and are accessed via
> winbind and pam
>
> # Global settings
> [global]
>          display charset = LOCALE
>          passwd chat = *New*password* %n\n *Retype*new*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
>          idmap gid = 1000-33554431
>          passwd program = /usr/bin/passwd %u
>          netbios name = srvsamba
>          idmap uid = 1000-33554431
>          dos charset = CP850
>          local master = no
>          workgroup = SERVER
>          debug level = 9
>          os level = 0
>          security = domain
>          log file = /var/log/samba/%m.log
>          guest account = nobody
>          smb passwd file = /etc/samba/smbpasswd
>          load printers = no
>          socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>          wins server = 192.168.1.252
>          map to guest = Bad User
>          domain master = no
>          encrypt passwords = yes
>          realm >          template shell = /bin/false
>          server string = srvsamba
>          winbind enum users = Yes
>          password server = 192.168.1.252
>          template homedir = /mnt/samba/home/%U
>          winbind enum groups = Yes
>          unix charset = UTF-8
>          preferred master = no
>          pam password change = yes
>          winbind use default domain = no
>
> [homes]
>          comment = Home Directories
>          browseable = no
>          writeable = yes
>

Claudio Guzman wrote:
>when users enter the system can not see your home folder, or it asks
>the username and password denuevo. My configuration is
>
>Server + Samba + LDAP PDC
>Samba server that only has the shared folders and are accessed via
>winbind and pam
>
># Global settings
>[global]
>        display charset = LOCALE
>        passwd chat = *New*password* %n\n *Retype*new*password* %n\n
>*passwd:*all*authentication*tokens*updated*successfully*
>        idmap gid = 1000-33554431
>        passwd program = /usr/bin/passwd %u
>        netbios name = srvsamba
>        idmap uid = 1000-33554431
>        dos charset = CP850
>        local master = no
>        workgroup = SERVER
>        debug level = 9
>        os level = 0
>        security = domain
>        log file = /var/log/samba/%m.log
>        guest account = nobody
>        smb passwd file = /etc/samba/smbpasswd
>        load printers = no
>        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>        wins server = 192.168.1.252
>        map to guest = Bad User
>        domain master = no
>        encrypt passwords = yes
>        realm >        template shell = /bin/false
>        server string = srvsamba
>        winbind enum users = Yes
>        password server = 192.168.1.252
>        template homedir = /mnt/samba/home/%U
>        winbind enum groups = Yes
>        unix charset = UTF-8
>        preferred master = no
>        pam password change = yes
>        winbind use default domain = no
>
>[homes]
>        comment = Home Directories
>        browseable = no
>        writeable = yes
What OS is Samba running on?

I have seen this sort of thing when the user's home directory from the
Unix side (passwd or LDAP) is a symlink rather than a real directory, on
CentOS 5.  SELinux prevents Samba from using the symlink, so I have to
make sure all users' home directory entries point to the real thing.  To
check for SELinux errors use "aureport --avc", or see if there's
anything useful in the samba logs.


Moray.
"To err is human.? To purr, feline"