Thanks Felipe, I feel like an idiot for not seeing the %G option earlier. This is just what I want.
I'll try it out. I appreciate the help. John On 7/18/07, Felipe Augusto van de Wiel <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > john wrote, On 15-07-2007 20:19: > > Hi all, > > > > I hope this is an easy one: > > > > We've just set up a samba server and We're using winbind > > with the idmap_rid backend option to authenticate users > > via AD. So far so good! Now we want window users to have > > there home shares on the samba server. > > > > When Winbind pulls a list of users from AD it appears to > > use the template homedir option in our smb.conf to figure > > out where users home directories should be located (Am I > > wrong about this?) This relationship seems to get "hard > > coded" into the idmap. > > I wouldn't say "hard coded", I would say it has a > default value /home/%D/%U > > > > My question is can the smb.conf Global Option "template > > homedir =" be used to allow users to log in to their > > home dir if /home isn't flat? Is there another way to do > > this? > > Yes, 'template homedir' can be used to change the > value, but I'm not sure if it will work for you, because > you have years in the template. > > You could use a "envvar": > > %$(envvar) > the value of the environment variable envar. > > > But I'm not sure how would you tell samba on > a per-user basis about that, except by my suggestion > below to use primary groups. > > > > We have about 1500 hundred kids whose home directories > > should look like /home/graduationYear/studentName > > > > So student a's home directory should look like: > > /home/2008/astudent > > > > and student b's might be: > > /home/2009/bstudent > > That's the point, I don't know how you could use > a variable for the "year". /home/$year/%U, not sure but > maybe you can have your students in the primary group of > their graduation year and use that as a variable: > > /home/g2008/astudent > /home/g2009/bstudent > > template homedir = /home/%G/%U > > astudent primary group is g2008 > bstudent primary group is g2009 > > > > Would it be better to just leave out template homedir, remove the > > tdb's and rebind to windows? What would SAMBA's process be to map > > windows users to unix home directories then? > > Not sure about that, but I think if you can afford > that change, you could opt to change the primary groups and > go with the above solution or something similar. Check the > variables available in smb.conf. > > > > Perhaps the real solution is to create shares like this: > > > > [2007] > > path = /home/students/2007 > > valid users = %S > > readonly = no > > writable = yes > > printable = no > > create mode = 0600 > > directory mode = 0600 > > > > > > [2008] > > path = /home/students/2008 > > valid users = %S > > readonly = no > > writable = yes > > printable = no > > create mode = 0600 > > directory mode = 0600 > > Uhhh... sorry, that's ugly and will give you > a lot of work every year, the group approach seems > to be more maintainable. ;) > > > > Any advice would be appreciated! > > Thanks! > > John > > Hope this helps. > Kind regards, > - -- > Felipe Augusto van de Wiel <[EMAIL PROTECTED]> > Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE > http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFGnh6QCj65ZxU4gPQRCOn3AJ9Gp51+Y70UBahF3aEMiTNEMX0HUQCfeY+D > TOFQ5p4E2Z2hHPp5eZjWK6U= > =7TPS > -----END PGP SIGNATURE----- > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
