samba - Apr 2020 - Users' Home Folders - conflicting advice in WiKi

Rowland,

In the Wiki page "User Home Folders", Section 2.1 "Using Windows
ACLs"
correctly describes how to set permissions to allow the Windows program
Active Directory Users and Computers to automatically create the user's home
folder.   But in the next section  "Creating the Home folder for a New
User"
3.1 "Using Windows ACLs", the blue box states that ADUC cannot
automatically
create home folders on a 'unix' machine.   Do you literally mean unix?
Certainly on my Linux (Debian) machine it works OK.    Perhaps this boxed
comment needs amendment?

Cheers,

Roy

On 10/04/2020 18:02, Roy Eastwood via samba wrote:
> Rowland,
>
> In the Wiki page "User Home Folders", Section 2.1 "Using
Windows ACLs"
> correctly describes how to set permissions to allow the Windows program
> Active Directory Users and Computers to automatically create the user's
home
> folder.   But in the next section  "Creating the Home folder for a New
User"
> 3.1 "Using Windows ACLs", the blue box states that ADUC cannot
automatically
> create home folders on a 'unix' machine.   Do you literally mean
unix?
> Certainly on my Linux (Debian) machine it works OK.    Perhaps this boxed
> comment needs amendment?
>
> Cheers,
>
> Roy
>
'unix' = any version of Unix, Linux is a version of Unix.

Are you sure that ADUC is creating the users home directory on your 
Linux machines ?

As far as I am aware Samba doesn't have the code to do this and ADUC 
running on Windows has no ability to do it either.

It could be that you have pam_mkhomedir set in your PAM stack and it is 
this that is creating your users home directories at login.

Myself and Louis collaborated to write a 'root prexec' script to create 
the users home directory at Samba connection.

To the best of my knowledge, you have to use one or the other method.

Rowland

On 10.04.2020 20:22, Rowland penny via samba wrote:
> On 10/04/2020 18:02, Roy Eastwood via samba wrote:
>> Rowland,
>>
>> In the Wiki page "User Home Folders", Section 2.1 "Using
Windows ACLs"
>> correctly describes how to set permissions to allow the Windows program
>> Active Directory Users and Computers to automatically create the 
>> user's home
>> folder.?? But in the next section? "Creating the Home folder for a
>> New User"
>> 3.1 "Using Windows ACLs", the blue box states that ADUC
cannot
>> automatically
>> create home folders on a 'unix' machine.?? Do you literally
mean unix?
>> Certainly on my Linux (Debian) machine it works OK.??? Perhaps this 
>> boxed
>> comment needs amendment?
>>
>> Cheers,
>>
>> Roy
>>
> 'unix' = any version of Unix, Linux is a version of Unix.
>
> Are you sure that ADUC is creating the users home directory on your 
> Linux machines ?
>
> As far as I am aware Samba doesn't have the code to do this and ADUC 
> running on Windows has no ability to do it either.
>
> It could be that you have pam_mkhomedir set in your PAM stack and it 
> is this that is creating your users home directories at login.
>
> Myself and Louis collaborated to write a 'root prexec' script to 
> create the users home directory at Samba connection.
>
> To the best of my knowledge, you have to use one or the other method.
>
> Rowland
>
>
Actually, this is something I noticed myself a (long) while ago.

I am running Samba AD members on Arch Linux and Ubuntu machines, and 
whatever PAM-config comes with the distro, if anything, is there, I 
never changed or added anything - frankly, I don't know much about it, 
yet. I checked just now and yes, there is a file /etc/pam.conf with all 
lines commented out and multiple small files in /etc/pam.d/ which I just 
grepped for 'mkdir', 'mkhomedir' and 'home'. No results.

And yet, ADUC is creating the home directories for me. Not fully 
automatically, though, I still have to provide ADUC the full name of the 
folder. But still, it's a lot simpler than stated in the Wiki.

Just fyi, I'm currently on 4.9 and 4.10, respectively, but if I remember 
correctly, this worked already with 4.7.

Viktor

On 10/04/2020 19:22 Rowland penny wrote:
> On 10/04/2020 18:02, Roy Eastwood via samba wrote:
> > Rowland,
> >
> > In the Wiki page "User Home Folders", Section 2.1
"Using Windows ACLs"
> > correctly describes how to set permissions to allow the Windows
> > program Active Directory Users and Computers to automatically create
the user's home
> > folder.   But in the next section  "Creating the Home folder for
a New User"
> > 3.1 "Using Windows ACLs", the blue box states that ADUC
cannot automatically
> > create home folders on a 'unix' machine.   Do you literally
mean unix?
> > Certainly on my Linux (Debian) machine it works OK.    Perhaps this
boxed
> > comment needs amendment?
> >
> > Cheers,
> >
> > Roy
> >
> 'unix' = any version of Unix, Linux is a version of Unix.
> 
> Are you sure that ADUC is creating the users home directory on your Linux
machines ?
Yes.  
> 
> As far as I am aware Samba doesn't have the code to do this and ADUC
running on Windows has no ability to do it either.
> 
> It could be that you have pam_mkhomedir set in your PAM stack and it is
this that is creating your users home directories at
login.
> 
No, I don't have this because I don't need domain users to log on with
SSH to the server.
> Myself and Louis collaborated to write a 'root prexec' script to
create the users home directory at Samba connection.
> 
> To the best of my knowledge, you have to use one or the other method.
> 
> Rowland
Just confirmed that pam_mkhomedir is not enabled, created a new user test2 using
ADUC.   Set the Home folder on the Profile tab to
connect H: to \\<server name>\users\test2 and the folder is created on the
server.

Regards,

Roy