I've got a brand new installation of CentOS minimal, and have installed Samba as follows:
yum install krb5-workstation samba
Firstly, have I got all the necessary packages to become a domain member? The above command also installs for dependencies:
libtalloc libtdb samba-common samba-winbind samba-winbind-clients
In my smb.conf I have the lines:
template shell = /bin/bash
template homedir = /home/%D/%U
I've joined to the domain with:
net ads join -U <admin>
I can now use getent passwd and see AD users as well as local users, but all the AD accounts have shell listed as /bin/false. They do correctly have home directories as /home/<DOMAIN>/<username>, though.
What could be causing this behaviour? All AD users currently get logged out on authentication!
Best Answer
It depends on what type of backend your are using. The order doesn't matter but your templates will only be applied if you are using template driven backends like idmap_rid.