[Samba] problem with [homes] share for users with unix logins - Samba

This is a discussion on [Samba] problem with [homes] share for users with unix logins - Samba ; I have the [homes] section set up in my smb.conf so that \\server.name\user connects to the user's home directory. Since I am using OpenLDAP as a backend via smbldap-tools, for most users the home directory comes from the homeDirectory variable ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: [Samba] problem with [homes] share for users with unix logins

  1. [Samba] problem with [homes] share for users with unix logins

    I have the [homes] section set up in my smb.conf so that
    \\server.name\user connects to the user's home directory. Since I am
    using OpenLDAP as a backend via smbldap-tools, for most users the home
    directory comes from the homeDirectory variable in OpenLDAP.

    However, when I have a user who also has a login on the samba machine,
    that is, an entry in /etc/passwd, Samba seems to ignore the value of
    homeDirectory and use the entry in /etc/passwd instead.

    Here is the section from smb.conf

    [homes]
    comment = %u's Personal Share Directory

    browseable = no
    valid users = %S @admin
    write list = %S @admin
    create mask = 0600
    directory mask = 0700

    I even tried adding the line

    path = /data/home/%S

    to the [homes] section, but it seems to be ignored.

    Any suggestions how I can make Samba prefer the value in HomeDirectory
    over /etc/passwd?

    Wes

    --

    Wes Modes
    Server Administrator & Programmer Analyst
    McHenry Library
    Computing & Network Services
    Information and Technology Services
    459-5208
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] problem with [homes] share for users with unix logins

    for those users, you could put sambaHomePath: \\server\homedir in their
    openldap info.

    Wes Modes wrote:
    > I have the [homes] section set up in my smb.conf so that
    > \\server.name\user connects to the user's home directory. Since I am
    > using OpenLDAP as a backend via smbldap-tools, for most users the home
    > directory comes from the homeDirectory variable in OpenLDAP.
    >
    > However, when I have a user who also has a login on the samba machine,
    > that is, an entry in /etc/passwd, Samba seems to ignore the value of
    > homeDirectory and use the entry in /etc/passwd instead.
    >
    > Here is the section from smb.conf
    >
    > [homes]
    > comment = %u's Personal Share Directory
    >
    > browseable = no
    > valid users = %S @admin
    > write list = %S @admin
    > create mask = 0600
    > directory mask = 0700
    >
    > I even tried adding the line
    >
    > path = /data/home/%S
    >
    > to the [homes] section, but it seems to be ignored.
    >
    > Any suggestions how I can make Samba prefer the value in HomeDirectory
    > over /etc/passwd?
    >
    > Wes
    >


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  3. Re: [Samba] problem with [homes] share for users with unix logins

    Thanks for the suggestions.

    I wanted unix users (exclusively sysadmins and developers) to still get
    their normal unix login directories. On the other hand, since this is a
    file server, any connection via samba, should connect people to their
    samba file directories.

    It looks like your suggestion is "ldapsam:trusted = yes" in smb.conf.
    Here's a good explanation from the Samba docs:

    By default, Samba as a Domain Controller with an LDAP backend needs
    to use the Unix-style NSS subsystem to access user and group
    information. Due to the way Unix stores user information in
    /etc/passwd and /etc/group this inevitably leads to inefficiencies.
    One important question a user needs to know is the list of groups he
    is member of. The plain UNIX model involves a complete enumeration
    of the file /etc/group and its NSS counterparts in LDAP. UNIX has
    optimized functions to enumerate group membership. Sadly, other
    functions that are used to deal with user and group attributes lack
    such optimization.

    To make Samba scale well in large environments, the ldapsam:trusted
    = yes option assumes that the complete user and group database that
    is relevant to Samba is stored in LDAP with the standard
    posixAccount/posixGroup attributes. It further assumes that the
    Samba auxiliary object classes are stored together with the POSIX
    data in the same LDAP object. If these assumptions are met,
    ldapsam:trusted = yes can be activated and Samba can bypass the NSS
    system to query user group memberships. Optimized LDAP queries can
    greatly speed up domain logon and administration tasks. Depending on
    the size of the LDAP database a factor of 100 or more for common
    queries is easily achieved.

    Wes


    Gémes Géza wrote:
    > >From my memory:

    >
    > Unless you use ldapsam trusted = yes parameter samba does an nss lookup
    > to find out the details of the user, so you either
    > 1. remove local users
    > 2. synchronize them to ldap
    > 3. configure /etc/nsswitch.conf to look in ldap first then in files
    > 4. tell samba to trust the ldap database for nss information with the
    > parameter mentioned above.
    >
    > Regards
    >
    > Geza
    >
    >> I have the [homes] section set up in my smb.conf so that
    >> \\server.name\user connects to the user's home directory. Since I am
    >> using OpenLDAP as a backend via smbldap-tools, for most users the home
    >> directory comes from the homeDirectory variable in OpenLDAP.
    >>
    >> However, when I have a user who also has a login on the samba machine,
    >> that is, an entry in /etc/passwd, Samba seems to ignore the value of
    >> homeDirectory and use the entry in /etc/passwd instead.
    >>
    >> Here is the section from smb.conf
    >>
    >> [homes]
    >> comment = %u's Personal Share Directory
    >>
    >> browseable = no
    >> valid users = %S @admin
    >> write list = %S @admin
    >> create mask = 0600
    >> directory mask = 0700
    >>
    >> I even tried adding the line
    >>
    >> path = /data/home/%S
    >>
    >> to the [homes] section, but it seems to be ignored.
    >>
    >> Any suggestions how I can make Samba prefer the value in HomeDirectory
    >> over /etc/passwd?
    >>
    >> Wes
    >>
    >>

    >
    >
    >


    --

    Wes Modes
    Server Administrator & Programmer Analyst
    McHenry Library
    Computing & Network Services
    Information and Technology Services
    459-5208
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread