search for: mk_homedir

Hi - I'm using the mk_homedir.so module to create user directories using samba 3.0.1 in a Windows 2000 PDC environment. The samba server is acting as a domain member. I'm wondering if there is a way to specify the location of the user's home directories other than under /home. I'd really like the user directo...

...e Check if wbinfo -u works also. As tip, if you try these. id username getent passwd username wbinfo -u | grep username If all work and show your usename, then you should be able to login (sso) on ssh. If your users are only on this server and you dont need to share homedirs. Then you need mk_homedir in pam also. To enable, its simple on ubuntu/debian pam-auth-update --package mkhomedir pam-auth-update And enable mkhomedir ( you can use pam-auth-update --force also ) Greetz, Louis

Thanks Rowland. See inline comments. >On Thu, 9 Nov 2017 17:08:52 -0000 >Rowland Penny via samba<samba at lists.samba.org> wrote: > See inline Comments: > > On Thu, 9 Nov 2017 16:11:49 -0000 > Roy Eastwood via samba <samba at lists.samba.org> wrote: > > > Hi, > > I have a Debian Stretch machine with Louis' samba 4.7.1 package > > installed.

...and gives you direct the ability to login with kerberos. > Note, not accounting for the missing "templates" paramters. > > Default: template homedir = /home/%D/%U > Default: template shell = /bin/false > (man smb.conf) > And how are the homedirs created, through ADUC or mk_homedir > > Needed on the DC's with logins and members that used RID setup also set in /etc/nsswitch.conf > passwd: compat winbind > group: compat winbind I actually wrote a subsequent blog post, where I set up all of the winbind configuration: https://jonathonreinhart.com...

I forgot, post also:   cat /etc/idmapd.conf ( im adding it in the debug-collector atm )   There might be a mis in detecting the Domain or Local-Realm. I suggest, add this :    Domain = jeoffice.jacklin.co.za Local-Realm = JEOFFICE.JACKLIN.CO.ZA   see if that helps.   Greetz,   Louis Van: Ian Coetzee [mailto:samba at iancoetzee.za.net] Verzonden: woensdag 10 april 2019 10:17 Aan: L.P.H. van

...Verzonden: vrijdag 10 november 2017 9:41 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Member Server Configuration > > On Fri, 10 Nov 2017 09:14:51 +0100 > "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > > > A bit cleaner way to mk_homedir, I would try to avoid changing > > manualy settings in pam. > > > > echo "Name: Create home directory during login > > Default: yes > > Priority: 900 > > Session-Type: Additional > > Session: > > required pam_mkhomedir.so umask=0...

...shares ). And on my vpn server ( auth only ), with nfs, yes, the detection of the dns domain and realm needed a bit of help. Due to dns resolving i needed to set ( a non default setup ). He might also be using CIFS or NFS or none of these,.. As you,... Ah... i see now, pointed out to with the mk_homedir. So probley no NFS then. But on servers with, or multiple interfaces and/or ipnumbers, and with NFS used, setting the showed values helps. Or you need a really good setup with your dns/resolving. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: Rowland Penny [mailto:rpenny...

Hi I am running a RH9 box in a w2k domain. I have installed winbind on the RH9 box joined it to the domain successfully. Domain users can login with their accounts. The problem is when they login they get a message stating that their home dir doesnt excists. How can i map their home dir that is on a w2k member server and how can i create their home dir on the RH9 box when the domain users login?

...ity to login with kerberos. Note, not accounting for the > > missing "templates" paramters. > > > > Default: template homedir = /home/%D/%U > > Default: template shell = /bin/false > > (man smb.conf) > > And how are the homedirs created, through ADUC or mk_homedir > > > > Needed on the DC's with logins and members that used RID setup also > > set in /etc/nsswitch.conf passwd: compat winbind > > group: compat winbind > > I actually wrote a subsequent blog post, where I set up all of the > winbind configur...

A bit cleaner way to mk_homedir, I would try to avoid changing manualy settings in pam. echo "Name: Create home directory during login Default: yes Priority: 900 Session-Type: Additional Session: required pam_mkhomedir.so umask=0022 skel=/etc/skel " > /usr/share/pam-configs/mkhomedir And run : pam-...

...paramaters in sshd_config and gives you direct the ability to login with kerberos. Note, not accounting for the missing "templates" paramters. Default: template homedir = /home/%D/%U Default: template shell = /bin/false (man smb.conf) And how are the homedirs created, through ADUC or mk_homedir Needed on the DC's with logins and members that used RID setup also set in /etc/nsswitch.conf passwd: compat winbind group: compat winbind > > - > https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC > - > https://wiki.samba.org/index.php...

Hello, I'm running a Samba DC on Debian 9 (version 4.5.12-Debian) in a lab environment, set up like this: https://jonathonreinhart.com/posts/blog/2019/02/11/setting-up-a-samba-4-domain-controller-on-debian-9/ I would now like to configure this server to enable login via domain credentials. I'm aware that the Samba wiki recommends the following: -

> ............ > > > You can, provided you have a user.map in smb.conf > > Oeps, Ah yes, forgot that, because he was testing on the DC. > And DC's dont use the user.mapping. > > Thanks for the correction. With regard to tdb ipmap, I set this parameter on domain member. Domain controller has no such parameter set. I'll look into the other useful suggestions you

...in you config. ) idmap config SAMDOM : backend = ad idmap config SAMDOM : range = 10000-200000 # Optional, use these, but since you set AD backend you can set this from cli. # Template settings for login shell and home directory # template shell = /bin/bash # template homedir = /home/%U # mk_homedir might be needed, this depends on you needs/setup. > > ------------------------------- > /etc/ssh/sshd_config (Running on DC) > ------------------------------- > PubkeyAuthentication no > PasswordAuthentication yes > ChallengeResponseAuthentication no > X11Forwarding yes &...

Hi samba folks, I'm running an NT$-style samba PDC and 2 BDCs. They are all on samba 3.6.25 (the SERNET packages on debian wheezy) I have a domain trust with another server on another subnet, I think they run samba 3.5, also NT4-style domain. Everything ran fine, they can login to our machines and vice versa, winbind can resolve their usernames etc. Now I upgraded the PDC to debian jessie,

Hai, Lets start here. Handy for us to know. OS? Samba version? AD or member setup? And I suggest, set this in the ssh server. # GSSAPI options GSSAPIAuthentication yes Restart the ssh server and try to SSO login. If its a AD server this should work. Yes, you dont get home dir etc, end up in / after login, but lets check if this works. Greetz, Louis > -----Oorspronkelijk