On Mon, May 14, 2012 at 7:04 PM, Jorell <[email protected]> wrote: > On 5/14/2012 6:42 AM, Muhammad Yousuf Khan wrote: >> >> On Sun, May 13, 2012 at 9:38 PM, Jorell<[email protected]> wrote: >>> >>> On 5/10/2012 11:19 PM, Muhammad Yousuf Khan wrote: >>>> >>>> >>>> i am u sing AD integrated Samba with winbind,I need to share a samba >>>> home folder for every single user in my Active directory. since i dont >>>> wanna create every user's directory i want samba to manage it. however >>>> i dont wanna place the home folders on default path as the boot drive >>>> (/dev/sda) is very small to store the data, beside that, i do have >>>> storage /nas/users which is a mount point of my raid array. so >>>> specifically every user's home folder should be created on /nas/users >>>> and this is my home share details in samba. >>>> >>>> [homes] >>>> comment = Home Directories >>>> browseable = yes >>>> writeable = yes >>>> create mask = 0700 >>>> directory mask = 0700 >>>> valid users = %S >>>> >>>> after sharing i can see two folders on the samba share >>>> 1. admin (which is my valid user and i was expecting this) >>>> 2. home ( this is some thing making me confuse, it shouldn't suppose >>>> to be there ) >>>> >>>> however, when i click on both folders it gives me an error >>>> >>>> "you might not have permission to use this network resource ...... >>>> Blah blah blah"[global] >>>> >>>> workgroup = xxxx >>>> realm = xxxx.COM >>>> netbios name = nasbox >>>> server string = %h server >>>> security = ADS >>>> obey pam restrictions = Yes >>>> pam password change = Yes >>>> passwd program = /usr/bin/passwd %u >>>> passwd chat = *Enter\snew\s*\spassword:* %n\n >>>> *Retype\snew\s*\spassword:* %n\n *password\supd$ >>>> unix password sync = Yes >>>> syslog = 0 >>>> log file = /var/log/samba/log.%m >>>> max log size = 1000 >>>> dns proxy = No >>>> panic action = /usr/share/samba/panic-action %d >>>> idmap uid = 10000-20000 >>>> idmap gid = 10000-20000 >>>> winbind enum users = Yes >>>> winbind enum groups = Yes >>>> winbind use default domain = Yes >>>> . >>>> >>>> further, all other shares are working fine. here is my samba global. >>>> >>>> >>>> >>>> >>>> >>>> Thanks >>> >>> >>> >>> here is what I use in my conf >>> [ProfileShare] >>> ... >>> root preexec = /root/pdc/smbmkhomedir.sh %D %U >>> ... >>> >>> >>> < smbmkhomedir.sh> >>> #!/bin/bash >>> if [ ! -e /home/$1/$2 ]; then >>> mkdir -p /home/$1/$2 >>> chown $2:"Domain Users" /home/$1/$2 >>> chmod 4711 /home/$1/$2 >>> setfacl --set=d:u::rwx,d:g::--x,d:o::---,d:u:$2:rwx,d:g:'domain >>> users':--x /home/$1/$2 >>> fi >>> exit 0 >> >> >> >> can you please share a bit more >> >> [global] >> ? >> [profileshare] >> ? >> >> that would be very helpful. >> >> Thank you, >> >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > > > > On my partition it mounts with "acl,user_xattr" >
yes exactly that is making me confuse becuase i am have never used an ACL. anyways. ill try this stuff next day since my office is closing and need to leave ill update the status soon Thanks, > > [global] > workgroup = MIDEARTH > netbios name = FRODO > realm = MIDEARTH.REALM > server string = %D server (samba %v) > security = ADS > map to guest = Bad User > encrypt passwords = Yes > lanman auth = No > ntlm auth = No > client NTLMv2 auth = Yes > printcap name = cups > printing = cups > disable spoolss = No > show add printer wizard = No > log file = /var/log/samba/log.%m > max log size = 512 > syslog = 0 > map archive = No > map system = No > map hidden = No > map readonly = No > store dos attributes = Yes > > winbind enum users = Yes > winbind enum groups = Yes > winbind use default domain = Yes > idmap backend = tdb > idmap uid = 10000-19999 > idmap gid = 10000-19999 > idmap config MIDEARTH : backend = ad > idmap config MIDEARTH : range = 20000-29999 > > [ProfileShare] > comment = Roaming Profile Share > path = /home/%D/%U > valid users = %U > read only = No > guest ok = No > browseable = No > > root preexec = /root/pdc/smbmkhomedir.sh %D %U > create mask = 4711 > directory mask = 4711 > map acl inherit = Yes > profile acls = Yes > store dos attributes = Yes > map archive = No > map system = No > map hidden = No > map readonly = no > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
