Jump to content

Domain login Samba Mandrake 9.0


Guest PegasusMD
 Share

Recommended Posts

Guest PegasusMD

I'm trying to set up a Mandrake 9.0 workstation to use the NT2000 PDC to allow domain users to login using winbind options. I'm able to see the domain users in the graphical login screen and the users are able to log on but when the KDE trys to start it can not. I get the message that it is unable to write to the $HOME (/) . It seems when the domain users log on they are set up with / as the home directory eventhough i have template homedir=/home/%D/%U setup in the smb.conf. Is there something I'm missing in setiong this up. I used the article on joining an NT domain article that is found on the Mandrake users site. and set up the pam.d/login and the system-auth.

 

 

Michael Delessio

Link to comment
Share on other sites

Don't know about this, i have always used samba as the pdc, the documentation is for mandrake 8.2 but it still should be fairly valid for 9.0. I don't think samba has changed that much.

 

I found this page on google, not mandrake specific but should be applicable.

http://www.data-based-systems.com/download...Windows2000.htm

Link to comment
Share on other sites

Guest PegasusMD

Thanks but the mounting and access to file share is not a problem that is working . What i'm trying to do is a Domain User log on to the workstation where there is not a Unix account for the USER . according to the documents this is possible and the logon part is working. I can logon as a domain user if i go to failsafe (no gui) the problem is the HOME directory is being set to / instead of what is in the smb.conf which is template homedir=/home/%D(for domain)/%U (for USERNAME). It seems the winbind and or samba (pam) (not sure what) is ignoring that setting for HOME directory. I'm looking for any ideas and hope that someone had set something like this before and can give me a clue on how to find the problem and fix it.

 

 

Michael Delessio

Link to comment
Share on other sites

Guest PegasusMD

Well since no one can help in my efforts to get Domian User logon on a mandrake 9.0 workstation. i will add my efforts here so readers can see what I have done so i may help them if they try this. I been using as a guide the How to join an windows domain and Using Winbind To Authenticate Other Services articles that is in the document section of mandrakeuser.org. Following those instruction I was able to join the domain , use getent passwd and getent group and have the domain users show up in the graphical log in screen. When the users try to logon it appears they are logged in but when any GUI desktop is started it fails with unable to write to $Home (/) even though the template homedir=/home/%D/%U is set up in the smb.conf for use with winbind. I decided to install the telnet server so I could see if I could log in without a GUI. When i telnet in and login as a DOMAIN USER. I log in but see a message:

creating directory '/home/DOMAINNAME/USERNAME'

permission denied

and the seesion terminates. Now the article I used show adding to the /etc/pam.d/login the line

session required /lib/security/pam_mkhomedir skel=/etc/skel/ umask=0022

 

for to automaticaly create the home directories. It seems pam-mkhomedir is trying to make the directories but unable to do because of pemissions. Doesn't pam operate as root and should have the permissions to create the directory? Well this is the next step I will have to try and figure out, why pam-mkhomedir not have permission to create the home directories.

Link to comment
Share on other sites

Guest PegasusMD

Well I have it working. Doamin Users can now log in to the linux workstation using domain authorization. I had to change the /home directory permissions from rwxr-xr-x to rwxrwxrwx.

 

 

Michael Delessio

Link to comment
Share on other sites

Actually, chances are you didn't fill the domain name in in CAPS, and there is a small bug in the setup, it doesn't capitalise the domain name when making /home/%D

 

So, you could just have fixed this by making the directory /home/%D

 

Please undo the permissions on /home, it should not be world-writeable.

 

Everything else (including the pam_mkhomedir) should be done right by the installation.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...