The home folder is generally a users default directory which contains his or her personal files, programs, e.t.c whenever he/she logs in to the network. It is sometimes called the login directory. In this guide, “Home Folder on Samba4 “, we will follow best practice and avoid using the samba built-in [homes] section that dynamically shares the home directory to all users. According to samba documentation, https://wiki.samba.org/index.php/User_Home_Folders, using the home section, will involve some workaround and we may have to create each users home directory manually. Also, the [home] feature is currently not supported in the samba4 active directory domain controller.
Now we are going to create the users folder on samba using the same steps we used in this https://topnetworkguide.com/setting-up-a-share-on-samba4-active-directory-domain-controller/, guide.
If you are with me, lets get started!
Home Folder on Samba4
Login to your samba4 server and create a folder or directory called users in samba4.
Next, give the users folder the permission of 775. Visit the guide above for further explanation.
Now, transfer ownership from root to domain users,
We should now open up smb configuration file and enter the path to the users folder like this;
and enter in this content as shown in the image below[users]
path = /users
read only = No
Restart samba by running the command #/etc/init.d/samba restart
ASSIGN HOME FOLDER TO USERS
To achieve this, we will use group policy management console from RSAT on a windows machine. But, before this, lets set the necessary permission on the folder.
Open up mmc and navigate to computer management. Connect to the machine running samba4 share by entering the hostname or ip address of the machine.
Now click on system Tools=>Shared Folders=>Share.
Right click on your users folder and click properties. The properties box opens.
Click on share permissions and add domain users and domain admins. Grant domain users share permission of change and read.
Grant domain admins full share permissions.
Also give file permissions using the security tab as shown below for the domain users and domain admins. For the domain admin, grant full access or control. Also grant the creator group full control.
For the domain users, give them read and execute permission.
Now click on security=>advanced and verify that the inherited from column is “not inherited”.
If you see a path in the inherited from column, simply click change permission and tick include inheritable permission from the object’s parent.
Now, launch group policy management and right click the domain and click create a GPO in the domain and link it here. Give your gpo a name e.g Home Folder. Edit the Home Folder GPO and click on user configuration=>preferences=>windows setting=>Drive Map.
Right click on Drive Map=>New=>Mapped Drive. In the general tab, select create for action. Tick on reconnect and enter in this value \\Samba Server Name or IP\%LogonUser%
This will enable the users home directory to be stored in the samba share anytime a user logs on to his machine using the users name.
In the Common tab, tick run in logged-on users security context. Click Ok.
The next time a user logs in, this policy is applied to the user.
We have successfully configured home folder in samba4. Next up, we will use our home folder to correctly configure folder redirection. Please stay tuned!