homeDirectory = unset unixHomeDirectory = /home/users/<username> I thought I could overwrite it with template homedir = /home/%U On 08.07.20 16:52, Rowland penny via samba wrote:> On 08/07/2020 15:15, basti via samba wrote: >> ? cat /etc/nsswitch.conf >> # /etc/nsswitch.conf >> # >> # Example configuration of GNU Name Service Switch functionality. >> # If you have the `glibc-doc-reference' and `info' packages installed, >> try: >> # `info libc "Name Service Switch"' for information about this file. >> >> passwd:???????? files winbind >> group:????????? files winbind >> shadow:???????? files >> gshadow:??????? files >> >> hosts:????????? files dns >> networks:?????? files >> >> protocols:????? db files >> services:?????? db files >> ethers:???????? db files >> rpc:??????????? db files >> >> netgroup:?????? nis >> >> >> cat /etc/samba/smb.conf >> [global] >> ??????? security = ADS >> ??????? workgroup = SAMDOM >> ??????? realm = SAMDOM.EXAMPLE.COM >> >> ??????? log file = /var/log/samba/%m.log >> ??????? log level = 1 >> >> ??????? winbind refresh tickets = Yes >> ??????? dedicated keytab file = /etc/krb5.keytab >> ??????? kerberos method = secrets and keytab >> ??????? winbind use default domain = yes >> >> ??????? load printers = no >> ??????? printing = bsd >> ??????? printcap name = /dev/null >> ??????? disable spoolss = yes >> >> ??????? idmap config * : backend = tdb >> ??????? idmap config * : range = 1000-2000 >> >> ??????? idmap config SAMDOM:backend = ad >> ??????? idmap config SAMDOM:schema_mode = rfc2307 >> ??????? idmap config SAMDOM:range = 2001-999999 >> ??????? idmap config SAMDOM:unix_nss_info = yes >> >> ??????? template homedir = /home/%U >> ??????? template shell = /bin/bash >> >> ??????? client use spnego = yes >> ??????? client ntlmv2 auth = yes >> ??????? encrypt passwords = yes >> ??????? winbind use default domain = yes >> ??????? restrict anonymous = 2 >> >> ??????? # fix dfs error's in log ? >> ??????? host msdfs = no >> >> ??????? # https://wiki.samba.org/index.php/PAM_Offline_Authentication >> ??????? winbind offline logon = yes >> >> ??????? winbind enum users = yes >> ??????? winbind enum groups = yes >> >> OS: Debian 10.4 > > OK, which attribute have you set in AD 'homeDirectory' or > 'unixHomeDirectory' ? > > Rowland > > > >
On 08/07/2020 16:02, basti via samba wrote:> homeDirectory = unset > unixHomeDirectory = /home/users/<username> > > I thought I could overwrite it with template homedir = /home/%UYou probably have something like this in the clients smb.conf: idmap config DOMAIN : unix_nss_info = yes and: template homedir = /home/%U The first will override the second, if unixHomeDirectory is set in AD. If, on a specific client, you do not want the users Unix dirs to be the one set in AD, then do not add the first line to the clients smb.conf. You should be aware that it is one or the other for all users that connect to that Unix client, you cannot have both. Rowland
Thanks a lot, I will test it tomorrow. Am 08.07.20 um 17:32 schrieb Rowland penny via samba:> On 08/07/2020 16:02, basti via samba wrote: >> homeDirectory = unset >> unixHomeDirectory = /home/users/<username> >> >> I thought I could overwrite it with template homedir = /home/%U > > You probably have something like this in the clients smb.conf: > > idmap config DOMAIN : unix_nss_info = yes > > and: > > template homedir = /home/%U > > The first will override the second, if unixHomeDirectory is set in AD. > > If, on a specific client, you do not want the users Unix dirs to be the > one set in AD, then do not add the first line to the clients smb.conf. > You should be aware that it is one or the other for all users that > connect to that Unix client, you cannot have both. > > Rowland