Samba Winbind create home directories change "domain users" group

Posted on 2009-12-17
Last Modified: 2013-12-09
I am using winbind and samba to authenticate linux logins to windows.  I am able to auto-create user home directories.  I want to change the group on the home directories to something other than "Domain Users"
Question by:rsissick
    LVL 20

    Accepted Solution

    Assuming you have left everything default, you'll need to force a chance in your new-user script.

    The DEFAULT (I believe) is to run the script that comes with Samba
    (something like /usr/local/samba/bin/add_user (which comes with the distro)....

    I don't know if that script takes any variables, but you could make it use the default unix useradd in a manner such as this:
            add user script = /use/sbin/useradd -g OTHERGID -m -b <path to homes> -s /sbin/nologin %u

    NOTE: This script may NOT be exactly the same as the default one! What it WILL do though is:
     - create a user home folder at <path to homes>/username
     - make the user by default belong to the group OTHERGID (instead of Domain Users)
     - NOT allow the new user to login to the Linux box (no shell account -- samba is still fine!)

    I am not POSITIVE that this will make the new home folder belong to the group OTHERGID... but I think it will!

    Good Luck


    Author Comment

    That sounds could, but I cant find /usr/local/samba/bin/ I dont have any such directory.
    LVL 20

    Expert Comment

    by:Daniel McAllister
    The location of your samba binaries depends on how you installed it. The path I gave would assume you BUILT your samba from source. It appears that you installed from a package (or RPM), in which case the executables would be elsewhere (probably /usr/sbin).

    To find the executable for smbd, run:
      find / -type f -name smbd -print

    To find the add_user script (possibly executable program -- not sure with the latest samba!), run:
      find / -type f -name add_user -print

    Good Luck!


    Author Comment

    Thnks ill gv that a shot

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
    The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now