On Wed, Nov 05, 2003 at 04:36:05PM -0800, Mike Ely wrote:
> I'm working on a client setup for thin-client machines in an AD with
> about 2000 users. One of the requirements is that the server (an LTSP
> box) not store each and every user's home directory. All of our users
> have a Home Folder setting in their AD object, and I'd like to use
> samba to mount that as "home."
>
> What works now:
> smbd, nmbd, winbindd. Compiled Samba 3.0 onto a SuSE 9.0 box and have
> all the basic stuff configured. KDM lists all of the domain users
> "DOMAIN+username" and I can su to any of them from the shell. If I try
> to login to a KDE session, it won't work of course, because there's no
> home directory. But auth works right - if I give a bogus password, I
> get failed login error =]
> Also, smbmount and smbclient work right, either with kerberos or via
> login prompt.
>
> What I need to get working:
> A switch so that any domain user logging on will automatically have
> home mapped to their share on the win2k server (we have 3 fileservers
> for the user accounts).
>
> In an earlier message, Jerry pointed me to pam_mount.so, which I see in
> /lib/security, but I don't have any documentation on how to use it, and
> so far google hasn't brought any joy either. Can someone help?

This is all quite possible, but we need to do a bit of work to
integrate the components. Currently pam_winbind can't tell pam_mount
what server to mount, for example. Also, we have the problem of
special files over CIFS - your Win2k server probably will not like
attempts to create symbolic links.

At the very least what we need to do is modify pam_winbind to store a
token containing the homedir location, for pam_mount to pinch.

Andrew Bartlett