SOLVED Samba homes with LDAP

4noth3M3

Cadet
Joined
Dec 4, 2018
Messages
3
Hello everyone!
I've come a long way with this forum without asking silly questions but now it's getting time :)

I'm using LDAP (Jumpcloud) and have Macs (10.13.6) accessing my FreeNAS SMB shares.
At least the SMB-Home Share is not acting like it should as I can't connect to it. Jumpcloud creates the homes to / and from there it's linked to my .../smb-homes

Code:
[root@ServerANT ~]# ls -l / | grep -i home
lrwxr-xr-x   1 root  wheel    34 Jan  7 15:33 home -> /mnt/datenTANK_10/shares/smb-homes
lrwxr-xr-x   1 root  wheel    34 Jan  7 15:30 home.g+A54g -> /mnt/datenTANK_10/shares/smb-homes
drwxr-xr-x   4 root  wheel     4 Jan  7 15:24 home.hEhylw
[root@ServerANT ~]# ls -l /mnt/datenTANK_10/shares/smb-homes/
total 2
-rw-rw-rw-  1 root  wheel             0 Jan  7 15:08 .windows
drwxrwxr-x+ 4 root  ldap-xtrw-smbshr  4 Jan  7 16:05 LDAP
[root@ServerANT ~]# ls -l /mnt/datenTANK_10/shares/smb-homes/LDAP/
total 34
drwxrwxr-x+ 2 admin      admin      10 Jan  7 16:05 admin
drwxrwxr-x+ 2 christina  christina  10 Jan  7 15:39 christina


After logging in for the first time, a new home is created (daniel):
Code:
[root@ServerANT ~]# ls -l /mnt/datenTANK_10/shares/smb-homes/LDAP/
total 51
drwxrwxr-x+ 2 admin      admin      10 Jan  7 16:05 admin
drwxrwxr-x+ 2 christina  christina  10 Jan  7 15:39 christina
drwxrwxr-x+ 2 daniel     daniel     10 Jan  7 16:59 daniel


It's showing up but no access:
SMB-home.png

How do I pass through all members of my smbshr-group? Do I have to use setfacl, and if so, how?
I also tried with a WIN-VM with the same results.
I can get access to my main shares, but it's hard to understand how to handle permissions in this scenario, or is it just the same as if I was not using LDAP?!
So if you have good advice or links, I would appreciate it :)

Daniel
 


4noth3M3

Were you able to figure this out?

Sorry for the delay...

No, not really, but maybe it's not only SMB that is affected. I started with a fresh install, enabled LDAP and logged in with a user (ssh); no home was created, but /home/ is there.
After creating a home share, the story from above repeats.
Another problem I see is that FreeNAS doesn't give sudo rights to the allowed LDAP users.
Could the ldap.conf or nss help?
 
Joined
Jul 3, 2015
Messages
926
I've played around with a similar setup so not sure if any of this info will help.

Trying to create home directories on FreeNAS using Active Directory group/s.

I set up a normal dataset called Home and then an SMB share linking to it and selected the 'use as home share' check box.

After that I edited the samba config '/usr/local/etc/smb4.conf' and added the below line to the share:

[homes]
valid users = @"ADS\homesharegroup"

This way any members of the above group could connect to the share and would automatically have a folder created for them within Home/ADS/

Permissions are auto created so nothing more to do.

I hope you find some of this helpful.
 

4noth3M3

Thanks for your input, Johnny Fartpants.

SMB homes are working now - don't know if it's a nice solution...

Changed the path of the share from ".../shares/homes/%U" to ".../shares/homes/LDAP/%U"
Added Auxiliary Parameter valid users = @ldap-smb-homes
 
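Added example, not part of the thread: both the Active Directory reply and the final post restrict the [homes] share with a group-based `valid users` line, and the final fix also depends on `%U` in the share path. The sketch below checks an smb.conf-style file for those two settings; the function names `audit_homes` and `sample_conf` are hypothetical and the dataset path in the sample is a constructed placeholder.

```shell
#!/bin/sh
# Added example: check the [homes] share of an smb.conf-style file.
# Reads config text on stdin. Exit 0 = ok, 1 = finding, 2 = no [homes].
audit_homes() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t\r]+$/, "", s); return s }
    /^[ \t]*[#;]/ { next }                     # skip comment lines
    /^[ \t]*\[/ {                              # section header
        name = $0
        sub(/^[ \t]*\[/, "", name); sub(/\].*$/, "", name)
        in_homes = (tolower(trim(name)) == "homes")
        if (in_homes) seen = 1
        next
    }
    in_homes && index($0, "=") {               # key = value inside [homes]
        eq = index($0, "=")
        key = tolower(trim(substr($0, 1, eq - 1)))
        gsub(/[ \t]+/, " ", key)
        val = trim(substr($0, eq + 1))
        if (key == "valid users") users = val
        if (key == "path") path = val
    }
    END {
        if (!seen) { print "FAIL no [homes] section"; exit 2 }
        rc = 0
        if (users == "") { print "FAIL [homes] has no valid users restriction"; rc = 1 }
        else if (users !~ /(^|[ ,])[@+&]/) print "WARN valid users lists no group: " users
        else print "OK valid users = " users
        if (path == "") print "NOTE no explicit path set"
        else if (path !~ /%[US]/) { print "FAIL path has no %U or %S: " path; rc = 1 }
        else print "OK path = " path
        exit rc
    }'
}

# Constructed sample modelled on the final post; the dataset path is a placeholder.
sample_conf() {
    cat <<'EOF'
[global]
    workgroup = EXAMPLE
[homes]
    path = /mnt/EXAMPLE/shares/homes/LDAP/%U
    valid users = @ldap-smb-homes
EOF
}

sample_conf | audit_homes
```

On a live system the effective configuration can be piped in with `testparm -s 2>/dev/null | audit_homes`, assuming testparm reads the same smb4.conf that the service uses.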