samba - Apr 2022 - sharing an autofs nfs mount

Yep it looks like but unfortunately our setup is a bit complicated.

A group of 15 Centos systems running tasks on instruments.
Experiments results are saved in a local folder on each machines.

We need then to have a centralized place for our users where they can 
get their files using a smb share and also via sftp.

Clients are running windows, linux, mac computers.

Thibault


On 4/7/22 10:01, Rowland Penny via samba wrote:
> On Wed, 2022-04-06 at 20:17 +0300, Thomas Kamalakis via samba wrote:
>> In our case we are using the ad idmap backend to ensure that all
>> users have
>> the same uids in all domain machines. I don't think NFS will work
>> otherwise
>> but maybe someone more samba savvy can provide better alternatives
> Sharing an NFS mount is a 'BAD' idea, you may get it to work, but
you
> will definitely get problems. If you only have Linux clients, just use
> NFS, but in a mixed environment or just Windows clients, use cifs.
>
> Rowland
>
>
>
--

On 4/7/22 10:47, Thibault Roulet via samba wrote:
> A group of 15 Centos systems running tasks on instruments.
> Experiments results are saved in a local folder on each machines.
> 
> We need then to have a centralized place for our users where they can 
> get their files using a smb share and also via sftp.
maybe DFS? Iow run SMB on the the 15 Centos boxes instead of NFS, but 
let users connect to one central DFS server that contains redirects to 
the 15 other servers.

Cheers!
-slow

-- 
Ralph Boehme, Samba Team                 https://samba.org/
SerNet Samba Team Lead      https://sernet.de/en/team-samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.samba.org/pipermail/samba/attachments/20220407/4d77595d/OpenPGP_signature.sig>

What "works for me" 

I have a webserver serving my SFTP service. 

I use SecureShell package for the SFTP/SCP service
Secure shell, makes it easy to set a chrooted homedir. 
I set NIS (* not really needed but i use RSAT ADUC) 
UID set 
Homedir /srv/nfs/customers/SomeUsername/spool

Primary gid to a linux/windows group, WITH GID assigned. 
The login is an automounted folder in this case NFS. 
*( unless you use cifs, then keep "domain users" ) 

Now this works fine here with NFS and CIFS automounts for me. 
Just keep in mind i "want/need" the chroot and nothing else. 


The systemd file to mount the share. 

/etc/systemd/system/srv-remote-customers.mount
#------------
[Unit]
Description=Mount Remote Customers Homedirs


[Mount]
# NFS option. 
What=FQ.DN:/exportnfs/customers
Where=/srv/remote/customers
Type=nfs

# Cifs Option
What=//FQ.DN/customers
Where=/srv/remote/customers
Type=cifs
Options=credentials=/etc/samba/credentials-administrator,rw,vers=3.0
# content : /etc/samba/credentials-administrator
username=Administrator
password=XXXXX
domain=ADDOM

[Install]
WantedBy=multi-user.target
#------------

And the automount file. 

/etc/systemd/system/srv-nfs-customers.automount
#------------
[Unit]
Description=Automount Remote Customers Homedirs

[Automount]
Where=/srv/remote/customers
TimeoutIdleSec=120

[Install]
WantedBy=multi-user.target
#------------

Make sure the needed packages are installed. *( like cifs-utils/nfs-common on
debian)
Make sure you have nfs/fq.dn and cifs/fq.dn in you keytab 

Place both files in /etc/systemd/system 
systemctl daemon-reload
systemctl enable srv-remote-customers.automount

And test. 

Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Ralph Boehme via samba
> Verzonden: donderdag 7 april 2022 12:04
> Aan: Thibault Roulet; samba at lists.samba.org
> Onderwerp: Re: [Samba] sharing an autofs nfs mount
> 
> On 4/7/22 10:47, Thibault Roulet via samba wrote:
> > A group of 15 Centos systems running tasks on instruments.
> > Experiments results are saved in a local folder on each machines.
> > 
> > We need then to have a centralized place for our users 
> where they can 
> > get their files using a smb share and also via sftp.
> 
> maybe DFS? Iow run SMB on the the 15 Centos boxes instead of NFS, but 
> let users connect to one central DFS server that contains 
> redirects to 
> the 15 other servers.
> 
> Cheers!
> -slow
> 
> -- 
> Ralph Boehme, Samba Team                 https://samba.org/
> SerNet Samba Team Lead      https://sernet.de/en/team-samba
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>