Samba4 [homes] share
Posted
by
SambaDrivesMeCrazy
on Server Fault
See other posts from Server Fault
or by SambaDrivesMeCrazy
Published on 2013-02-18T20:14:42Z
Indexed on
2013/11/13
3:57 UTC
Read the original article
Hit count: 481
I am having issues with the [homes] share. OS is Ubuntu 12.04. I've installed samba 4.0.3, bind9 dlz, ntp, winbind, everything but pam modules, and did all the tests from https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO.
Running getent passwd and getent user work just fine. Creating a simple share works just fine too. I can manage the users, GPOs, and DNS from the windows mmc snap-ins. I can join winxp,7,8 to the domain and log on perfectly. I can change my passwords from windows, etc..etc..
I could say that everything is fine and be happy :) buuuut, no, home directories do not work.
Searching in here, and on our good friend google I gathered that a simple
[homes]
read only = no
path = /storage-server/users/
and mapping the user's home folder in dsa.msc to \\server-001\username or \\server-001\homes should get me a home share I could map for my user homedir. But the snap-in give me an error saying that it cannot create the home folder because the network name has not been found (rough translation from portuguese).
also, running
root@server-001:/storage-server/users# smbclient //server-001/test -Utest%'12345678' -c 'ls'
Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 4.0.3]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME
Server name is alright, if I go for a simple share on the same server it opens just fine. If I map the user homedir to this simple share it works.
What I want is that I dont have to go and manually make a new folder on linux everytime I create a new user on windows.
It looks like permissions but I cant find any documentation on this (yes I've tried the manpages, but its hard to tell with so many options on man smb.conf alone).
My smb.conf right now looks like this (pretty simple I know)
# Global parameters
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.LAN
netbios name = SERVER-001
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate
[netlogon]
path = /usr/local/samba/var/locks/sysvol/mydomain.lan/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[homes]
read only = no
path = /storage-server/users
Folder permissions /storage-server drwxr-xr-x 6 root root 4096 Fev 15 15:17 storage-server
/storage-server/users
drwxrwxrwx 6 root root 4096 Fev 18 17:05 users/
Yes, I was desperate enough to set 777 on the users folder... not proud of it.
Any pointers in the right direction would be very welcome.
Edited to include:
root@server-001:/# wbinfo --user-info=test
MYDOMAIN\test:*:3000045:100:test:/home/MYDOMAIN/test:/bin/false
root@server-001:/# wbinfo -n test
S-1-5-21-1957592451-3401938807-633234758-1128 SID_USER (1)
root@server-001:/# id test
uid=3000045(MYDOMAIN\test) gid=100(users) grupos=100(users)
root@server-001:/# wbinfo -U 3000045
S-1-5-21-1957592451-3401938807-633234758-1128
root@server-001:/#
Edit 2:
getent passwd | grep test
MYDOMAIN\test:*:3000045:100:test:/home/MYDOMAIN/test:/bin/false
I have no idea how to change that home folder to /storage-server/users/test so I just went and ln -s /storage-server/users /home/MYDOMAIN just in case. still, no changes, same errors.
Edit 3
On log.smbd I get the following error when trying to set the test user home folder to \server-001\test
[2013/02/20 14:22:08.446658, 2] ../source3/smbd/service.c:418(create_connection_session_info)
user 'MYDOMAIN\Administrator' (from session setup) not permitted to access this share (test)
© Server Fault or respective owner