Re: [Samba] Regular users can't log in to Samba AD DC from Windows

Thank you, Rowland, for the reply.

And the nss tests as per Wiki seem to pass:

# getent passwd Administrator

# getent passwd user1
RW\user1:*:3000017:20:User1 Tester1:/home/user1:/usr/sbin/nologin

The above is interesting, you don't have a template homedir line in
smb.conf but you have '/home/username' instead of

Oh, yes, didn't notice that. But the directory doesn't actually
exist. I guess it would be created on first logon which has not yet
occurred ?) And I can't login with it locally (I would need PAM
configured for it, right?)>

Yes, you need to get PAM to create the users homedir with pam_mkhomedir

Although, when I create a FreeBSD user ("pw useradd testuser -m
/home/testuser"), the home directory is immediately created without
loging in.

That's because you are telling the command to create the homedir

I tried now to create a user explicitly telling the home directory:
samba-tool user create user2 Pa$$w0rd --surname=Tester2
--given-name=User2 --mail-address=user2@xxxxxx

getent passwd user2
RW\user2:*:3000020:20:User2 Tester2:/home/RW/user2:/usr/sbin/nologin

But otherwise nothing changes: directory isn't created, and I can't
login from Windows. And the logs repeat the same thing.

samba-tool doesn't create the homedirs, it populates an attribute in AD
and PAM reads this and creates the home dir at first login.

I see. But I don't necessarily need homedirs and hence PAM configured just to log in from Windows and access a file share from there, do I? Or even just to log in on Windows to the domain.


