On 22/10/15 09:40, Ole Traupe wrote:> > > Am 22.10.2015 um 10:00 schrieb mourik jan heupink: >> >> >> On 10/21/2015 02:52 PM, Rowland Penny wrote: >>> I am now beginning to believe the above is not true. Before a user can >>> connect to their homeshare it must exist, it is the link to this, that >>> Samba creates i.e. it changes '[homes]' to the username and connects to >>> that. This is working for me on a Debian 4.1.17 DC just as it has >>> always >>> done on a member server, I just never tried it before. >> >> This is what we observe, yes. The only problem with this that ADUC >> autocreation does NOT work with this, rather unfortunate. >> >> If someone knowns of a way to make ADUC NOT create the homdir, we >> would like to know. The preexec in smb.conf does it, and ADUC should >> simply accept whatever we type for homedir. > > Probably, the best way would be to use scripting under Windows: > http://blogs.technet.com/b/heyscriptingguy/archive/2005/12/02/how-can-i-change-the-location-of-a-user-s-home-drive-in-active-directory.aspx > > > You should be able to do, whatever you do in the ADUC console on a > Windows client, via scripts, too: create the DC context, interactively > logon, and set user properties. > > I formerly learned some things with the outdated MS scripting guide: > https://technet.microsoft.com/en-us/library/ee221103.aspx > > More up-to-date would be a Power Shell approach (can't see right away, > whether the above link is using this). However, I have no knowledge in > that and can't tell you how it works. > > Another way, of course, might be to set the windows home dir path > after the first user logon during which the share is created. But that > is not at all comfortable or practiable. >You do not have to create users with ADUC, you could use samba-tool and set quite a lot with this, try running 'samba-tool user create --help' for a full list of what you can set. You can also write your own scripts to do this, either around samba-tool or by using ldifs and ldap or ldb tools. Rowland
The ADUC is very comfortable, and - even for the Samba devs, it seems - the intended way of use. This whole stuff is mainly directed to Windows use. But that is only my opinion. Am 22.10.2015 um 10:58 schrieb Rowland Penny:> On 22/10/15 09:40, Ole Traupe wrote: >> >> >> Am 22.10.2015 um 10:00 schrieb mourik jan heupink: >>> >>> >>> On 10/21/2015 02:52 PM, Rowland Penny wrote: >>>> I am now beginning to believe the above is not true. Before a user can >>>> connect to their homeshare it must exist, it is the link to this, that >>>> Samba creates i.e. it changes '[homes]' to the username and >>>> connects to >>>> that. This is working for me on a Debian 4.1.17 DC just as it has >>>> always >>>> done on a member server, I just never tried it before. >>> >>> This is what we observe, yes. The only problem with this that ADUC >>> autocreation does NOT work with this, rather unfortunate. >>> >>> If someone knowns of a way to make ADUC NOT create the homdir, we >>> would like to know. The preexec in smb.conf does it, and ADUC should >>> simply accept whatever we type for homedir. >> >> Probably, the best way would be to use scripting under Windows: >> http://blogs.technet.com/b/heyscriptingguy/archive/2005/12/02/how-can-i-change-the-location-of-a-user-s-home-drive-in-active-directory.aspx >> >> >> You should be able to do, whatever you do in the ADUC console on a >> Windows client, via scripts, too: create the DC context, >> interactively logon, and set user properties. >> >> I formerly learned some things with the outdated MS scripting guide: >> https://technet.microsoft.com/en-us/library/ee221103.aspx >> >> More up-to-date would be a Power Shell approach (can't see right >> away, whether the above link is using this). However, I have no >> knowledge in that and can't tell you how it works. >> >> Another way, of course, might be to set the windows home dir path >> after the first user logon during which the share is created. But >> that is not at all comfortable or practiable. >> > > You do not have to create users with ADUC, you could use samba-tool > and set quite a lot with this, try running 'samba-tool user create > --help' for a full list of what you can set. You can also write your > own scripts to do this, either around samba-tool or by using ldifs and > ldap or ldb tools. > > Rowland > >
On 22/10/15 10:38, Ole Traupe wrote:> The ADUC is very comfortable, and - even for the Samba devs, it seems > - the intended way of use. This whole stuff is mainly directed to > Windows use. But that is only my opinion. >It is the only GUI way to admin a Samba 4 AD domain, but you can (mostly) admin it from the command line using samba-tool. You can do some things easier and quicker using samba-tool, i.e. create a Unix user, one command and that is it, not create the user and then have to open the users info, select 'Unix Attributes' tab, check and alter the settings, then if you want to add an email address, you have to go to another tab. Rowland