Matthew Schumacher
2020-Dec-02 18:30 UTC
[Samba] Getting winbind to resolve unixHomeDirectory on AD
Hello All, This page says you can't use idmap parameters on a domain controller: https://wiki.samba.org/index.php/Updating_Samba#Failure_To_Access_Shares_on_Domain_Controllers_If_idmap_config_Parameters_Set_in_the_smb.conf_File But this page says that you need "idmap config SAMDOM:unix_nss_info = yes" in order to get winbind to use the unixHomeDirectory for users logging in with pam. https://wiki.samba.org/index.php/Idmap_config_ad So, how do I get "wbinfo -i user" to assign the home directory listed in the unixHomeDirectory attribute on a domain controller? Matt
Rowland penny
2020-Dec-02 19:44 UTC
[Samba] Getting winbind to resolve unixHomeDirectory on AD
On 02/12/2020 18:30, Matthew Schumacher via samba wrote:> Hello All, > > This page says you can't use idmap parameters on a domain controller: > > https://wiki.samba.org/index.php/Updating_Samba#Failure_To_Access_Shares_on_Domain_Controllers_If_idmap_config_Parameters_Set_in_the_smb.conf_File >Yes, that page needs rewriting a bit, but what it says is essentially true.> > But this page says that you need "idmap config SAMDOM:unix_nss_info = > yes" in order to get winbind to use the unixHomeDirectory for users > logging in with pam. > > https://wiki.samba.org/index.php/Idmap_config_adThat is using idmap_ad, a DC uses idmap.ldb, a totally different beast which uses xidNumber attributes.> > So, how do I get "wbinfo -i user" to assign the home directory listed > in the unixHomeDirectory attribute on a domain controller?Sorry, but you cannot, this is one of the reasons not to use a DC as a fileserver, you have to use the 'template homedir' parameter and all users get the same home directory path. Rowland