samba - Jan 2014 - samba4 [homes] | canonicalize_connect_path failed for service

Hi,

Meanwhile we've come many steps further, and a new issue has risen. In 
samba4 AD we have a user with:

- homeDirectory \\server\username
- homeDrive P:
- scriptPath logon.bat

When this user logs on, logon.bat is executed successfully, but 
homeDirectory is NOT mounted on P: and in the logs we see:

canonicalize_connect_path failed for service username,
path /\\server\username

It seems that samba is thinking that homeDirectory should be in a 
path-form, and not a UNC? However, most (if not all?) docs tell me that 
homeDirectory should be a UNC...

This is Version 4.1.4-SerNet-Debian-7.wheezy. The [homes] section:

[homes]
         comment=Home directory for %S
         read only = No
         browseable = No

Now, if I add "path = /home/%S" to the homes section then things 
suddenly start working.

Anyone else seeing this? Is this expected behaviour?

MJ

On Tue, 2014-01-28 at 20:19 +0100, mourik jan heupink
wrote:
> Hi,
> 
> Meanwhile we've come many steps further, and a new issue has risen. In 
> samba4 AD we have a user with:
> 
> - homeDirectory \\server\username
> - homeDrive P:
> - scriptPath logon.bat
> 
> When this user logs on, logon.bat is executed successfully, but 
> homeDirectory is NOT mounted on P: and in the logs we see:
> 
> canonicalize_connect_path failed for service username,
> path /\\server\username
> 
> It seems that samba is thinking that homeDirectory should be in a 
> path-form, and not a UNC? However, most (if not all?) docs tell me that 
> homeDirectory should be a UNC...
> 
> This is Version 4.1.4-SerNet-Debian-7.wheezy. The [homes] section:
> 
> [homes]
>          comment=Home directory for %S
>          read only = No
>          browseable = No
> 
> Now, if I add "path = /home/%S" to the homes section then things 
> suddenly start working.
> 
> Anyone else seeing this? Is this expected behaviour?
What are you using in nsswitch to resolve the user's name?

I suspect you are using something expecting pure rfc2307 attributes,
rather than the built in and rather limited winbind.  The issue is that
in AD, the attribute you want is called unixHomeDirectory.  However,
while limited, you are still best to use the built in winbind and
nss_winbind on the AD DC, which will expect home directories in the
pattern of /home/domain/user, unless you change 'template homedir = ' to
be 'template homedir = /home/%USERNAME%'. 

(To others: This post is not an invitation to re-open past threads on
the topic). 

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

just saw this: 
> This is Version 4.1.4-SerNet-Debian-7.wheezy. The [homes] section:
> 
> [homes]
shouldnt this be :
> [home]


>-----Oorspronkelijk bericht-----
>Van: abartlet at samba.org [mailto:samba-bounces at lists.samba.org] 
>Namens Andrew Bartlett
>Verzonden: woensdag 5 februari 2014 8:53
>Aan: mourik jan heupink
>CC: samba at lists.samba.org
>Onderwerp: Re: [Samba] samba4 [homes] | 
>canonicalize_connect_path failed for service
>
>On Tue, 2014-01-28 at 20:19 +0100, mourik jan heupink wrote:
>> Hi,
>> 
>> Meanwhile we've come many steps further, and a new issue has 
>risen. In 
>> samba4 AD we have a user with:
>> 
>> - homeDirectory \\server\username
>> - homeDrive P:
>> - scriptPath logon.bat
>> 
>> When this user logs on, logon.bat is executed successfully, but 
>> homeDirectory is NOT mounted on P: and in the logs we see:
>> 
>> canonicalize_connect_path failed for service username,
>> path /\\server\username
>> 
>> It seems that samba is thinking that homeDirectory should be in a 
>> path-form, and not a UNC? However, most (if not all?) docs 
>tell me that 
>> homeDirectory should be a UNC...
>> 
>> This is Version 4.1.4-SerNet-Debian-7.wheezy. The [homes] section:
>> 
>> [homes]
>>          comment=Home directory for %S
>>          read only = No
>>          browseable = No
>> 
>> Now, if I add "path = /home/%S" to the homes section then
things
>> suddenly start working.
>> 
>> Anyone else seeing this? Is this expected behaviour?
>
>What are you using in nsswitch to resolve the user's name?
>
>I suspect you are using something expecting pure rfc2307 attributes,
>rather than the built in and rather limited winbind.  The issue is that
>in AD, the attribute you want is called unixHomeDirectory.  However,
>while limited, you are still best to use the built in winbind and
>nss_winbind on the AD DC, which will expect home directories in the
>pattern of /home/domain/user, unless you change 'template 
>homedir = ' to
>be 'template homedir = /home/%USERNAME%'. 
>
>(To others: This post is not an invitation to re-open past threads on
>the topic). 
>
>Andrew Bartlett
>
>-- 
>Andrew Bartlett                       http://samba.org/~abartlet/
>Authentication Developer, Samba Team  http://samba.org
>Samba Developer, Catalyst IT          
>http://catalyst.net.nz/services/samba
>
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>

On 14-01-28 02:19 PM, mourik jan heupink wrote:
> Anyone else seeing this? Is this expected behaviour?
What is the output of:

(on the client)
echo %HOMESHARE%
echo %HOMEDRIVE%

(on the server)
getent passwd USERNAME

M.

-- 
Michael Brown               | `One of the main causes of the fall of
Systems Consultant          | the Roman Empire was that, lacking zero,
Net Direct Inc.             | they had no way to indicate successful
?: +1 519 883 1172 x5106    | termination of their C programs.' - Firth