9759 – can't overwrite loginshell and unixhomedir for users

Bug 9759 - can't overwrite loginshell and unixhomedir for users

Summary: can't overwrite loginshell and unixhomedir for users

Status:	RESOLVED INVALID

Alias:	None

Product:	Samba 4.0
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	4.0.4
Hardware:	All All

Importance:	P5 major (vote)
Target Milestone:	---
Assignee:	Samba QA Contact
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-04-02 11:19 UTC by Andreas Matthus
Modified:	2019-07-12 18:50 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas Matthus 2013-04-02 11:19:26 UTC

Hallo,

on a self-compiled samba 4.0.4 it is possible to get unix-access over winbind. But only "template shell" in smb.conf give a choice to set login shell and unixhomedir. Settings in samba-ldap are ignored.

Using
        idmap_ldb:use rfc2307 = Yes
in smb.conf not change the behavior.

nsswithc.conf contain:
passwd:         compat winbind
group:          compat winbind
shadow:         compat winbind

wbinfo -i test1
TEST\test1:*:3000017:513::/home/TEST/test1:/bin/false

User test1 has in samba4-ldap:
loginShell: /bin/bash
objectClass: top
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: user
unixHomeDirectory: /home/test1

If I set template shell to /bin/bash users can login to linux with samba4-creditials. But I don't want give that all users.
Waht can I do?

With regards
Andreas Matthus

Comment 1 Rowland Penny 2019-07-12 18:50:16 UTC

This is a very old bug report, but even today with the latest Samba, you can only use the template lines on an AD DC. This means that all users get the same login shell and home directory path.