On Tue, Apr 26, 2011 at 3:33 AM, Yared Berhanu <[email protected]> wrote: > Thank you nico, > > I was looking at autofs, but I don't know how to do it with Kerberos enabled > logins. Is there any tutorial or manual to get start with it? Would you mind > if you could give me some how-tos if possible for you? > > On Tue, Apr 26, 2011 at 3:31 AM, Nico Kadel-Garcia <[email protected]> wrote: >> >> On Mon, Apr 25, 2011 at 3:54 PM, Yared Berhanu <[email protected]> wrote: >> > Greetings, >> > >> > Is there any way to assign Group Policy in Samba 4 AD on linux clients? >> > I >> > was trying to implement a logon/logout script which will mount active >> > directory user's home directory automatically but unsuccessful. >> > >> > Sincerely, >> >> Why not simply use autofs and a relevant "/home/[DOMAIN]/user" >> automount table? Keep it out of /home directly to avoid conflicts with >> other software, but such subdirectories are easily published with >> automounting tables and even wildcards.
Let's do it on the list. It's very relevant to Samba back end configurations. I'm assuming that you've got a working upstream storage server that has the homedirs. Simply installing autofs on the Samba server, enabling it, and adding an entry to /etc/auto.master that directs mounting under /home/[DOMAIN]/ to a separate /etc/auto.home.[DOMAIN] configuration file, enables a file that can use the /home/[DOMAIN]/* directory for wildcard completion against a specific upstream NFS, CIFS, or other fileserver is mentioned in the documentation. (I don't have it in front of me right now, but I've used it.) It's useful to avoid having to propagate automounting maps. It gets trickier if there are multiple upstream file servers. In that case, you'd need to publish an automount table with the user's login names and various targets, or even publish the wildcard expansion in a designated order so it would try one, then the other. And woe be to you if you've got user homedirs on *both* upstream servers!!!! You'll also want to be cautious in your autofs mounting options, just as you would for /etc/fstab based mounting. Think, carefully, about whether you use NFSv3 or NFSv4, especially NFSv4 ACL lists to try nad support user access similar to that of CIFS. (It's workable in Samba, but not well integrated, and the Windows clients can't display the settings.) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
