We are setting up domain members in a (MS) DC forest. We have set up a 'Users' share for homes, following:

https://wiki.samba.org/index.php/Windows_User_Home_Folders

and all works as expected using ADUC; in particular, if I add the HomeDirectory and HomeDrive properties from ADUC, the home folder gets created with the correct permissions.

But if I use PowerShell scripts, e.g.:

Set-ADUser -Identity SamAccountName -HomeDirectory \\fileserver\users\utente -HomeDrive P:

the home does not get created. Are we missing something, or does effectively only ADUC have the ability to create the home?

Thanks.

On Wed, 3 Dec 2025 14:34:41 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote:

> We are setting up domain members in a (MS) DC forest. We have set up a
> 'Users' share for homes, following:
>
> https://wiki.samba.org/index.php/Windows_User_Home_Folders
>
> and all works as expected using ADUC; in particular, if I add the
> HomeDirectory and HomeDrive properties from ADUC, the home folder gets
> created with the correct permissions.
>
> But if I use PowerShell scripts, e.g.:
>
> Set-ADUser -Identity SamAccountName -HomeDirectory
> \\fileserver\users\utente -HomeDrive P:
>
> the home does not get created. Are we missing something, or does
> effectively only ADUC have the ability to create the home?

Yes, you missed this from the wiki page you linked to:

    If you are not using Active Directory Users and Computers, you must create the folder manually and set the correct permissions.

You can manually create the users directory, or you can use a 'root preexec' script to do it when the user first connects, much the same as the way PAM mkhomedir works.

Rowland

On 03-12-2025 at 14:34, Marco Gaiarin via samba wrote:

> We are setting up domain members in a (MS) DC forest. We have set up a 'Users'
> share for homes, following:
>
> https://wiki.samba.org/index.php/Windows_User_Home_Folders
>
> and all works as expected using ADUC; in particular, if I add the HomeDirectory and
> HomeDrive properties from ADUC, the home folder gets created with the correct permissions.
>
> But if I use PowerShell scripts, e.g.:
>
> Set-ADUser -Identity SamAccountName -HomeDirectory \\fileserver\users\utente -HomeDrive P:
>
> the home does not get created. Are we missing something, or does effectively only ADUC have
> the ability to create the home?

I do this by running a preexec script from smb.conf:

[home]
    root preexec = /usr/local/sbin/mkshare_user_dir home '%P' '%U'

[profiles]
    root preexec = /usr/local/sbin/mkshare_user_dir profile '%P' '%U'

[folders]
    root preexec = /usr/local/sbin/mkshare_user_dir folder '%P' '%U'

The script is like this (adjust it to your needs):

#!/bin/bash
# This runs on every login!

# Directory modes per share type
declare -A MODE
MODE["user"]="2770"
MODE["profile"]="0700"
PROFILE_VERSION="V6"

SHARE_KEY=$1    # home, folder, profile
SHARE_PATH=$2
USER_NAME=$3

# Do nothing for share keys other than the three known ones
echo "home folder profile" | grep -qw "${SHARE_KEY}" || exit 0

[[ "${SHARE_KEY}" == "profile" ]] && SHARE_TYPE='profile' || SHARE_TYPE='user'

USER_PATH="${SHARE_PATH}/${USER_NAME}"
GROUP_NAME="grp_${USER_NAME}"

if [[ "${SHARE_KEY}" == 'profile' ]]; then
    USER_PATH="${SHARE_PATH}/${USER_NAME}.${PROFILE_VERSION}"
    GROUP_NAME='domain users'
fi

# Create the per-user directory on first connect only
if [[ ! -d "${USER_PATH}" ]]; then
    mkdir "${USER_PATH}"
    chown "${USER_NAME}":"${GROUP_NAME}" "${USER_PATH}"
    chmod "${MODE[$SHARE_TYPE]}" "${USER_PATH}"
    # For profiles, strip extended ACLs from the new directory
    [[ "${SHARE_KEY}" != 'profile' ]] || setfacl -b "${USER_PATH}"
fi

- Kees.

> Thanks.
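
Because 'root preexec' runs as root with a client-supplied user name and the directory is created inside a share users can write to, the creation step benefits from a few checks. The following is an added example, not part of the thread or of anyone's posted script; the function names, argument order and allowed character set are assumptions to adapt.

```bash
#!/bin/bash
# Added example: checks for a 'root preexec' helper before it creates a
# per-user directory as root. Names and the character set are assumptions.

# Print "<share>/<user>" or return 1 when the inputs are not safe to use.
safe_user_path() {
    local share_path="$1" user_name="$2"
    # Reject empty names, option-like or hidden names, and any character
    # outside a plain account-name set (this also excludes '/' and spaces).
    case "$user_name" in
        ''|-*|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#user_name}" -le 64 ] || return 1
    # The share root must be a real directory, not a symlink.
    [ -d "$share_path" ] && [ ! -L "$share_path" ] || return 1
    printf '%s/%s\n' "${share_path%/}" "$user_name"
}

# Create the directory with the given mode (and optional owner[:group]).
# Returns 0 if a real directory exists at the path afterwards.
make_user_dir() {
    local share_path="$1" user_name="$2" mode="$3" owner="${4:-}" user_path
    user_path=$(safe_user_path "$share_path" "$user_name") || return 1
    # Something already there: accept a real directory, refuse symlinks,
    # files and dangling links so root never follows a planted link.
    if [ -e "$user_path" ] || [ -L "$user_path" ]; then
        [ -d "$user_path" ] && [ ! -L "$user_path" ] && return 0
        return 1
    fi
    # No -p: mkdir fails if the name appears in the meantime, and -m sets
    # the mode at creation instead of in a later chmod.
    mkdir -m "$mode" -- "$user_path" || return 1
    if [ -n "$owner" ]; then
        chown -h -- "$owner" "$user_path" || return 1
    fi
    return 0
}

# Hypothetical invocation: <script> <share path> <user> <mode> [owner:group]
if [ "$#" -ge 3 ]; then make_user_dir "$@"; fi
```

If %U arrives with a domain prefix in your setup, strip or map it before calling the function rather than widening the allowed character set to include the separator.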