> On 30 Aug 2020, at 19:01, Rowland penny via samba <samba at lists.samba.org> wrote: >> root at gateway2:~ # getent passwd testuser >> BEGER\testuser:*:123123:20::/home/BEGER/testuser:/bin/false >> >> Whereas the shell should be /bin/sh and the home directory /home/testuser > > No, you would like the shell to be /bin/sh and the home directory /home/testuser, but you have a big problem, it doesn't work like that on a DC :-( > > Winbind only pulls ID's from AD on a DC, it ignores the shell and home directories. All DC's are time servers, so don't need that line and the two winbind lines do nothing on a DC, so you might as well remove them.Well I guess that explains why it doesn't work then :) I can (and currently do) work around it by having entries in master.passwd that have the correct shell etc.. -- Daniel O'Connor "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum
On 30/08/2020 12:57, O'Connor, Daniel wrote:> Well I guess that explains why it doesn't work then :) > > I can (and currently do) work around it by having entries in master.passwd that have the correct shell etc..If you want your users to have the same shell, you can add this to your smb.conf: template shell = /bin/sh There is a similar line for the users home directory: template homedir = /home/%U It does mean that all users get the same shell and homedir path. This is one of the myriad reasons for not using a Samba DC as a file server, you get all the rfc2307 attributes on a Unix domain member using the winbind 'ad' backend. Rowland
> On 30 Aug 2020, at 22:06, Rowland penny via samba <samba at lists.samba.org> wrote: > > On 30/08/2020 12:57, O'Connor, Daniel wrote: >> Well I guess that explains why it doesn't work then :) >> >> I can (and currently do) work around it by having entries in master.passwd that have the correct shell etc.. > > If you want your users to have the same shell, you can add this to your smb.conf: > > template shell = /bin/sh > > There is a similar line for the users home directory: > > template homedir = /home/%U > > It does mean that all users get the same shell and homedir path.Yeah I have seen those, unfortunately I need to have different shells for different users..> This is one of the myriad reasons for not using a Samba DC as a file server, you get all the rfc2307 attributes on a Unix domain member using the winbind 'ad' backend.Hmm I guess I should have read https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Using_the_Domain_Controller_as_a_File_Server in more detail.. -- Daniel O'Connor "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum