On Tue, Jun 3, 2025 at 1:24?PM Rowland Penny via samba <samba at lists.samba.org> wrote:> I think you need to describe your set up in a bit more detail, starting > with your smb.confI did need a local user to install the OS and for various reasons I may want others. When I create a local user via the GUI (KDE Plasma) the home dir gets 700 perms, when I log in the first time with a domain user their home dir gets 755 perms (/home/DOMAIN/username). smb.conf: =====================================[global] realm = OFFICE.DOMAIN.COM security = ADS server role = member server workgroup = DOMAIN idmap config domain : range = 10000-999999 idmap config domain : backend = rid idmap config * : range = 3000-7999 idmap config * : backend = tdb template homedir = /home/%D/%U template shell = /bin/bash kerberos method = secrets and keytab winbind refresh tickets = true winbind use default domain = true ===================================== Thank you, Chris
On Tue, 3 Jun 2025 14:11:40 -0400 Sonic via samba <samba at lists.samba.org> wrote:> On Tue, Jun 3, 2025 at 1:24?PM Rowland Penny via samba > <samba at lists.samba.org> wrote: > > I think you need to describe your set up in a bit more detail, > > starting with your smb.conf > > I did need a local user to install the OSThat I can accept> and for various reasons I > may want others.Then put them in AD, unless they are 'system' users (users with an ID less than 999).> When I create a local user via the GUI (KDE Plasma) the home dir gets > 700 perms, when I log in the first time with a domain user their home > dir gets 755 perms (/home/DOMAIN/username).That is easy to fix, open /etc/pam.d/common-session in your favourite editor, find this line: session optional pam_mkhomedir.so Change it to: session optional pam_mkhomedir.so umask=0077 Rowland