Scientific Linux Forum.org



  Reply to this topicStart new topicStart Poll

> Samba variables not respected or honored or translated to its value, samba variables not working as expected
helikaon
 Posted: Aug 20 2014, 08:15 AM
Quote Post


SLF Administrator
*******

Group: Admins
Posts: 836
Member No.: 4
Joined: 8-April 11










Hi,
got a strange problem - some (not all) variables used in samba config file 'smb.conf' are not translated to its values and are used as a string (or let's say text value).
CODE

samba.x86_64                            3.6.9-164.el6                
samba-client.x86_64                     3.6.9-164.el6                
samba-common.x86_64                     3.6.9-164.el6                
samba-winbind.x86_64                    3.6.9-164.el6                  
samba-winbind-clients.x86_64            3.6.9-164.el6                  
samba4-libs.x86_64                      4.0.0-58.el6.rc4              


for example, part in 'smb.conf' specifying netlogon scripts and user profiles location:

CODE

       logon script = netlogon.bat
       logon home = \\%L\home\%U
       logon path = \\%L\profiles\%a
       logon drive = H:

[netlogon]
       path = /etc/samba/scripts/%g
     
   
[profiles]
       path = /home/%U/windows_directory


The "%L" should translate to server's NetBIOS name but it does not, resulting in not mapped user homes and profiles.
After i replace the "%L" with netbios server name it works (i have the netbios name specified in smb.conf ofc).

Also the "%a" also does not work.
It creates (in my case) folder "%a.V2" (whole path /home/username/windows_directory/%a.V2) where expected behaviour would be eg. 'Vista.V2', referring to architecture of the client.

Anyone has seen this? Tried to search it on Inet but not much turned out, except ppl having similar problems on Samba 4, but this is Samba 3 ..

cheers,

--------------------
PMEmail Poster
^
helikaon
 Posted: Aug 21 2014, 11:37 AM
Quote Post


SLF Administrator
*******

Group: Admins
Posts: 836
Member No.: 4
Joined: 8-April 11









Solved it. The problem was not actually in 'smb.conf' but in 'smbldap.conf' and in 'smbldap-useradd' script.
I have in testing Samba PDC with 389 Directory server (LDAP) as backend. I was populating users to LDAP via smbldap-tools - so, It is bug most probably in the 'smbldap-tools' package (and not in Samba or 'smb.conf').

problem:
1. 'smbldap-useradd' pulls info from 'smbldap.conf with higher priority than from 'smb.conf'
2. if i specified samba variables to 'smbldap.conf' it was not translated to value upon user creation

so if i specified samba 'logon path' (and others) with variables like "%L" and "%a" etc to 'smbldap.conf' those variables (like "%L" and "%a") were not translated upon user creation and then were used as text string -as seen in example below

'smbldap.conf' (snipped):
CODE

userSmbHome="\%L\home\%U"
userProfile="\%L\profiles\%a"


example of user with badly specified vaues (pdbedit -Lv):
CODE

Unix username: frapadlo
NT username: frapadlo
Account Flags: [U ]
User SID: S-1-5-21-227204714-1302568183-3697768885-3012
Primary Group SID: S-1-5-21-227204714-1302568183-3697768885-100
Full Name: Franta Padlo
Home Directory: \%L\home\frapadlo
HomeDir Drive: H:
Logon Script: netlogon.bat
Profile Path: \%L\profiles\%a
Domain: DIRSRVGRP
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Tue, 19 Jan 2038 04:14:07 CET
Kickoff time: Tue, 19 Jan 2038 04:14:07 CET
Password last set: Wed, 20 Aug 2014 16:57:41 CEST
Password can change: Wed, 20 Aug 2014 16:57:41 CEST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF


Those informations from user attributes are pulled then as text string, leading to not translation to its values -> fail in mapping user directory etc.

After i disabled those variables in the 'smbldap.conf' (like 'userSmbHome' etc) the 'smbldap-useradd' script had to pull those informations from 'smb.conf' and this time it translated those variables to values successfully resultin in properly created users like eg:

CODE

Unix username: honpadlo
NT username: honpadlo
Account Flags: [U ]
User SID: S-1-5-21-227204714-1302568183-3697768885-3018
Primary Group SID: S-1-5-21-227204714-1302568183-3697768885-100
Full Name: Honza Padlo
Home Directory: \dirsrv2\home\honpadlo
HomeDir Drive: H:
Logon Script: netlogon.bat
Profile Path: \dirsrv2\profiles\UNKNOWN
Domain: DIRSRVGRP
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Tue, 19 Jan 2038 04:14:07 CET
Kickoff time: Tue, 19 Jan 2038 04:14:07 CET
Password last set: Thu, 21 Aug 2014 13:05:03 CEST
Password can change: Thu, 21 Aug 2014 13:05:03 CEST
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF


Note eg. properly translated server NETBIOS name etc and note the "UNKNOWN" for "%a" variable (architecture) of client that is not known (of course) at the time of user creation.
This is properly created user with all paths variables translated and set.

Problem identified (most probably) in the 'smbldap-useradd' script - some might find it of value.

cheers,

--------------------
PMEmail Poster
^
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:

Topic Options Reply to this topicStart new topicStart Poll