On 3 Feb 2004, Tim Simpson wrote: > Message follows this disclaimer > -------------------------------------------------------------------------------------------------- > This email and any files transmitted with it is confidential and intended solely > for the person or organisation to whom it is addressed.
This mail is not addressed to me, may I read it? ;-) > Sorry if this is a simple question but I have been struggling for many days > trying to samba-3.0.2rc2 working with a win2k AD > > wbinfo -t works > wbinfo -u works > wbinfo -g works > > getent passwd username works > > sharing dirs works > > in fact everything seems to work with the exception of a users directory being > created using pam_mkhomedir.so > > I am running on Redhat 9 with Samba 3.0.2rc2 > > Samba was built using the following options configure --with-quotas --with-pam > > I presume it is something wrong with my pam config which follows > > #%PAM-1.0 > auth required pam_securetty.so > #auth required pam_stack.so service=system-auth > auth required pam_nologin.so > auth sufficient pam_winbind.so > auth required pam_env.so > auth required pam_unix.so nullok use_first_pass > account sufficient pam_winbind.so > account required pam_unix.so > #account required pam_stack.so service=system-auth > #password required pam_stack.so service=system-auth > #session required pam_stack.so service=system-auth > #session optional pam_console.so > session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0022 > password required pam_unix.so nullok obscure min=4 max=8 > session required pam_unix.so > session optional pam_lastlog.so > session optional pam_motd.so > session optional pam_mail.so standard noenv > > I have tried many varations of this file from various postings but all to no > avail > > the relevant part of smb.conf follow > > # Global parameters > [global] > workgroup = LEARNINGDOMAIN > realm = LEARNINGDOMAIN.ORG > server string = %L running Samba %v > security = ADS > obey pam restrictions = Yes > password server = pdc.learningdomain.org > passwd program = /usr/bin/passwd %u > unix password sync = Yes > log level = 3 > log file = /var/log/samba/log.%m > preferred master = No > local master = No > domain master = No > dns proxy = No > ldap ssl = no > idmap uid = 10000-20000 > idmap gid = 10000-20000 > template homedir = /home/%D/%U > template shell = /bin/bash > winbind separator = + > [shares] > force create mode = 0660 > force directory mode = 0770 > [homes] > path = /home/%D/%U > browseable = no > read only = no > create mask = 0600 > directory mask = 0700 > writable = yes > > > > if I try su - DOMAIN+Username from a shell prompt > > I get the following reply > > [EMAIL PROTECTED] pam.d]# su - LEARNINGDOMAIN+Administrator > su: warning: cannot change directory to /home/LEARNINGDOMAIN/Administrator: No > such file or directory > -bash-2.05b$ > pam_mkhomedir doesn't make deep directories ... does /home/LEARNINGDOMAIN exist? And, you don't mention which pam config file you are editing, but it is most likely more useful to do this in system-auth, then if you set 'obey pam restrictions = yes' in smb.conf, samba will even make the home directories (or any app pam application with session support ... Regards, Buchan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
