samba - May 2009 - authenticate Linux users to AD on Windows 2003R2

Hello,
 
I have enough details on how to have Linux users authenticate to a 2003r2
AD, but I need help getting their home dir's to automatically mount to a
windows share. Any details would be greatly appreciated.
 
Many thanks,
 
James

I am interested in this as well, but not all our users have home directory
set. Let me know if you find any way to do this. What I've found so far is
not very appealing.


On 5/14/09 2:19 PM, "James D. Parra" <jamesp@musicreports.com>
wrote:
> Hello,
>  
> I have enough details on how to have Linux users authenticate to a 2003r2
> AD, but I need help getting their home dir's to automatically mount to
a
> windows share. Any details would be greatly appreciated.
>  
> Many thanks,
>  
> James 
-- 
Robert LeBlanc
Life Sciences Computer Support
Brigham Young University

Well, not exactly Samba related... but we have a file server that runs 
Samba for Windows clients and NFS for the Linux ones on the same 
folders.  Both authenticate against AD (we're running 2003 with SFU 3.5, 
not R2).  We have uid/gid/home folder info in AD.  Linux machines mount 
the file share /home from the files server for all home folders (fstab 
on the local machine) and then we use ldap in nsswitch to get the 
correct path to the users home folder, which is then there for them and 
they have access to once they've logged in.  _GOT_ to make sure your 
uid/gid info in AD matches the uid/gid info on the nfs share, we use 
wbinfo and "idmap=rid" in smb.conf to script consistent uid/gids for
our
folders (Perl is your friend!)

We use ldap in nsswitch because we have a "non-samba" layout for our 
home folders, ie. it's not /home/yourdomain/username, but if you can 
have that setup then you can simplify things a bit by using winbind in 
nsswitch and you get the "standard" path for your home folder.  As I 
said, just make sure you've already mounted the /home on the client 
through fstab.  There are pretty good tutorials out there on most parts 
of this for Debian/Ubuntu if you Google it (probably other Distros too, 
I'm just biased!).

Of course I'm running a Linux File server, you'll need to use Server 
2003 R2's nfs abilities which I've never tried, but it claims to be able
to do it.  Or you could move your file server over to Linux/Samba/nfs!!

Let me know how it works out!  I can give you more specific details if 
you want, but probably best off list I would think as it's not exactly 
Samba...

Steve


James D. Parra wrote:
> Hello,
>  
> I have enough details on how to have Linux users authenticate to a 2003r2
> AD, but I need help getting their home dir's to automatically mount to
a
> windows share. Any details would be greatly appreciated.
>  
> Many thanks,
>  
> James 
>   
-- 
Steve Rippl
Technology Director
Woodland School District
360 225 9451 x326

Hello,

You can use pam-mount module
http://pam-mount.sourceforge.net/

Gints

James D. Parra rakst?ja,  2009.05.14. 23:19:
> Hello,
>  
> I have enough details on how to have Linux users authenticate to a 2003r2
> AD, but I need help getting their home dir's to automatically mount to
a
> windows share. Any details would be greatly appreciated.
>  
> Many thanks,
>  
> James

Just FYI, you can use:

Template homedir = /home/%U

To make winbind home directories in /home rather than /home/domain.

Robert LeBlanc
Life Sciences Computer Support
Brigham Young University
leblanc@byu.edu
(801)422-1822
> -----Original Message-----
> From: samba-bounces+robert=leblancnet.us@lists.samba.org
[mailto:samba-
> bounces+robert=leblancnet.us@lists.samba.org] On Behalf Of Steve Rippl
> Sent: Thursday, May 14, 2009 10:20 PM
> To: James D. Parra; Samba
> Subject: Re: [Samba] authenticate Linux users to AD on Windows 2003R2
> 
> Well, not exactly Samba related... but we have a file server that runs
> Samba for Windows clients and NFS for the Linux ones on the same
> folders.  Both authenticate against AD (we're running 2003 with SFU
> 3.5,
> not R2).  We have uid/gid/home folder info in AD.  Linux machines
mount
> the file share /home from the files server for all home folders (fstab
> on the local machine) and then we use ldap in nsswitch to get the
> correct path to the users home folder, which is then there for them
and
> they have access to once they've logged in.  _GOT_ to make sure your
> uid/gid info in AD matches the uid/gid info on the nfs share, we use
> wbinfo and "idmap=rid" in smb.conf to script consistent uid/gids
for
> our
> folders (Perl is your friend!)
> 
> We use ldap in nsswitch because we have a "non-samba" layout for
our
> home folders, ie. it's not /home/yourdomain/username, but if you can
> have that setup then you can simplify things a bit by using winbind in
> nsswitch and you get the "standard" path for your home folder. 
As I
> said, just make sure you've already mounted the /home on the client
> through fstab.  There are pretty good tutorials out there on most
parts
> of this for Debian/Ubuntu if you Google it (probably other Distros
too,
> I'm just biased!).
> 
> Of course I'm running a Linux File server, you'll need to use
Server
> 2003 R2's nfs abilities which I've never tried, but it claims to be
> able
> to do it.  Or you could move your file server over to
Linux/Samba/nfs!!
> 
> Let me know how it works out!  I can give you more specific details if
> you want, but probably best off list I would think as it's not exactly
> Samba...
> 
> Steve
> 
> 
> James D. Parra wrote:
> > Hello,
> >
> > I have enough details on how to have Linux users authenticate to a
> 2003r2
> > AD, but I need help getting their home dir's to automatically
mount
> to a
> > windows share. Any details would be greatly appreciated.
> >
> > Many thanks,
> >
> > James
> >
> 
> --
> Steve Rippl
> Technology Director
> Woodland School District
> 360 225 9451 x326
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>