Hi all. Is it just me or there's no way to restrict access to [homes] share to members of an AD group? Or is it treated like an ordinary Unix group via Winbind mapping? If I use "valid users = %S" (to give access to the home only to the owner), every domain user (worse: every user in any trusted domain) can access his/her own share... if path exists. That leads to the second problem: is it possible to automatically create the home dir if it's missing (w/o requiring the user to log on the server)? Sort of "pam_mkhomedir" for shares...
I have to handle laboratories w/ a lot of students, and pre-creating homes would be impractical, while giving access to everybody in the university is a waste of resources... TIA, Diego. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
