samba - Mar 2016 - Samba4 Homes share

Hi guys

I have configured a samba4 ADDC. It working well but users homes share did
not display. How can we solve this problem.
Please  help me.

On 04/03/16 09:55, Paramasivan Murugan wrote:
> Hi guys
>
> I have configured a samba4 ADDC. It working well but users homes share did
> not display. How can we solve this problem.
> Please  help me.
What exactly do you mean by 'users homes share did not display', do you 
mean it isn't in smb.conf, or you cannot browse to it, or something else ?

Rowland

On 04/03/16 13:08, Paramasivan Murugan wrote:
> It is in smb.conf but can not browse.
> OS - CentOS 7 (minimal)
> Samba 4.3.5
>
>
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
> I have configured using above link.
> All are working well. can connect a windows client and create users.
> able to browse public, software shares. but users homes share not 
> browsable
>
> My smb.conf file
>
> # Global parameters
> [global]
>     workgroup = CSSAMBA
>     realm = CSSAMBA.JFN.AC.LK <http://CSSAMBA.JFN.AC.LK>
>     netbios name = CSCSAMBA
>     server role = active directory domain controller
>     dns forwarder = 10.20.10.250
>     idmap_ldb:use rfc2307 = yes
>     encrypt passwords = yes
>
>     idmap config * : backend = rid
>     idmap config * : range = 10000-20000
>
>     ;winbind separator = +
>     winbind use default domain = Yes
>     winbind enum users = Yes
>     winbind enum groups = Yes
>     winbind nested groups = Yes
>     winbind offline logon = false
>     winbind refresh tickets = yes
>     winbind nss info = rfc2307
>
>     template shell = /bin/bash
>     template homedir = /home/%U
>
>     inherit acls = Yes
>     map acl inherit = Yes
>     acl group control = yes
>     obey pam restrictions = yes
>
>     logon path = \\%L\Profiles\%U
>     logon home = \\%L\%U
>
>
>
> [homes]
>     comment = %U home directory
>     path = /home/%U
>     valid users = %S
>     writable = yes
>     browsable = No
>     create mask = 0771
>     directory mask = 0771
>
> [netlogon]
>     path = /usr/local/samba/var/locks/sysvol/cssamba.jfn.ac.lk/scripts 
> <http://cssamba.jfn.ac.lk/scripts>
>     read only = No
>     browsable = No
>
> [sysvol]
>     path = /usr/local/samba/var/locks/sysvol
>     read only = No
>     browsable = No
>
>
> [software]
>     comment = Softwares
>     path = /home/software
>     ;browsable = yes
>     valid users = administrator cscstaff workshop
>     write list = administrator cscstaff
>     read only = yes
>     writable = No
>
>
> [public]
>         comment = Public Share
>         path = /home/public
>         browsable = yes
>         ;available = yes
>         public = yes
>         guest ok = yes
>         read only = yes
>         writable = No
>         ;invalid users >        ; valid users = %U
>         ;read list = @Domain Users guest
>         write list = administrator cscstaff
>         ;max connections = 30
>         ;guest only = no
>         ;guest account = no
>         create mask = 0777
>         directory mask = 0777
>
>
>
>
I would suggest you go and read the Samba wiki, start here:

https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller

There is normally no network browsing with a Samba AD DC, but you say 
'able to browse public, software shares.'. Have you started
'nmbd' ? If
so, I would suggest you stop it, this will interfere with the 'nbt' part
of the 'samba' binary, or to put it another way, you could be running 
'nmbd' twice.

There is also a problem with using [homes], have a look here:

https://wiki.samba.org/index.php/User_home_drives

I would also suggest you remove these lines from your smb.conf:

     encrypt passwords = yes

     idmap config * : backend = rid
     idmap config * : range = 10000-20000

     ;winbind separator = +
     winbind use default domain = Yes
     winbind enum users = Yes
     winbind enum groups = Yes
     winbind nested groups = Yes
     winbind offline logon = false
     winbind refresh tickets = yes
     winbind nss info = rfc2307

     inherit acls = Yes
     map acl inherit = Yes
     acl group control = yes
     obey pam restrictions = yes

     logon path = \\%L\Profiles\%U
     logon home = \\%L\%U

They are meant for a domain member smb.conf and will have no affect on a DC.

Rowland

On 04/03/16 14:47, Paramasivan Murugan wrote:
> I did not install nmbd. I want to give a personal directory (Home 
> folder) to each user in Samba ADDC. How can do it? Please help me.
I did, but I will tell you again, see here:

https://wiki.samba.org/index.php/User_home_drives

Rowland

PS, please keep the posts on the list.

>
> On Fri, Mar 4, 2016 at 6:54 PM, Rowland penny <rpenny at samba.org 
> <mailto:rpenny at samba.org>> wrote:
>
>     On 04/03/16 13:08, Paramasivan Murugan wrote:
>
>         It is in smb.conf but can not browse.
>         OS - CentOS 7 (minimal)
>         Samba 4.3.5
>
>        
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
>         I have configured using above link.
>         All are working well. can connect a windows client and create
>         users.
>         able to browse public, software shares. but users homes share
>         not browsable
>
>         My smb.conf file
>
>         # Global parameters
>         [global]
>             workgroup = CSSAMBA
>             realm = CSSAMBA.JFN.AC.LK <http://CSSAMBA.JFN.AC.LK>
>         <http://CSSAMBA.JFN.AC.LK>
>
>             netbios name = CSCSAMBA
>             server role = active directory domain controller
>             dns forwarder = 10.20.10.250
>             idmap_ldb:use rfc2307 = yes
>             encrypt passwords = yes
>
>             idmap config * : backend = rid
>             idmap config * : range = 10000-20000
>
>             ;winbind separator = +
>             winbind use default domain = Yes
>             winbind enum users = Yes
>             winbind enum groups = Yes
>             winbind nested groups = Yes
>             winbind offline logon = false
>             winbind refresh tickets = yes
>             winbind nss info = rfc2307
>
>             template shell = /bin/bash
>             template homedir = /home/%U
>
>             inherit acls = Yes
>             map acl inherit = Yes
>             acl group control = yes
>             obey pam restrictions = yes
>
>             logon path = \\%L\Profiles\%U
>             logon home = \\%L\%U
>
>
>
>         [homes]
>             comment = %U home directory
>             path = /home/%U
>             valid users = %S
>             writable = yes
>             browsable = No
>             create mask = 0771
>             directory mask = 0771
>
>         [netlogon]
>             path >        
/usr/local/samba/var/locks/sysvol/cssamba.jfn.ac.lk/scripts
>         <http://cssamba.jfn.ac.lk/scripts>
>         <http://cssamba.jfn.ac.lk/scripts>
>
>             read only = No
>             browsable = No
>
>         [sysvol]
>             path = /usr/local/samba/var/locks/sysvol
>             read only = No
>             browsable = No
>
>
>         [software]
>             comment = Softwares
>             path = /home/software
>             ;browsable = yes
>             valid users = administrator cscstaff workshop
>             write list = administrator cscstaff
>             read only = yes
>             writable = No
>
>
>         [public]
>                 comment = Public Share
>                 path = /home/public
>                 browsable = yes
>                 ;available = yes
>                 public = yes
>                 guest ok = yes
>                 read only = yes
>                 writable = No
>                 ;invalid users >                ; valid users = %U
>                 ;read list = @Domain Users guest
>                 write list = administrator cscstaff
>                 ;max connections = 30
>                 ;guest only = no
>                 ;guest account = no
>                 create mask = 0777
>                 directory mask = 0777
>
>
>
>
>
>     I would suggest you go and read the Samba wiki, start here:
>
>    
https://wiki.samba.org/index.php/Setup_a_Samba_Active_Directory_Domain_Controller
>
>     There is normally no network browsing with a Samba AD DC, but you
>     say 'able to browse public, software shares.'. Have you started
>     'nmbd' ? If so, I would suggest you stop it, this will
interfere
>     with the 'nbt' part of the 'samba' binary, or to put it
another
>     way, you could be running 'nmbd' twice.
>
>     There is also a problem with using [homes], have a look here:
>
>     https://wiki.samba.org/index.php/User_home_drives
>
>     I would also suggest you remove these lines from your smb.conf:
>
>         encrypt passwords = yes
>
>         idmap config * : backend = rid
>         idmap config * : range = 10000-20000
>
>         ;winbind separator = +
>         winbind use default domain = Yes
>         winbind enum users = Yes
>         winbind enum groups = Yes
>         winbind nested groups = Yes
>         winbind offline logon = false
>         winbind refresh tickets = yes
>         winbind nss info = rfc2307
>
>         inherit acls = Yes
>         map acl inherit = Yes
>         acl group control = yes
>         obey pam restrictions = yes
>
>         logon path = \\%L\Profiles\%U
>         logon home = \\%L\%U
>
>     They are meant for a domain member smb.conf and will have no
>     affect on a DC.
>
>
>     Rowland
>
>     -- 
>     To unsubscribe from this list go to the following URL and read the
>     instructions: https://lists.samba.org/mailman/options/samba
>
>