similar to: User home directories on a windows server question.

Hi all, this is not really a Samba question, but related, and I hope that some of you are using this and can tell me what I am doing wrong. On a member server, I can mount my shares by hand specifying "-o username=xxx,domain=yyy,password=zzz". But as soon as I put "sec=krb5" in the mount options (and leaving out the password part), I get this error: # mount error(126):

> > If by "key" you meant keytab then you were right. A keytab is a file > dedicated to contains credentials (https://kb.iu.edu/d/aumh or > http://web.mit.edu/Kerberos/krb5-1.12/doc/basic/keytab_def.html). > > Keytab are used when you want to automate actions which need > authentication. When some automated action requires credentials you > have to provide

> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: woensdag 11 oktober 2017 11:39 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Using GPO to mount shares on Linux > > On Wed, 11 Oct 2017 11:00:59 +0200 > Michael Wandel <m.wandel at t-online.de> wrote: > > >

Am 04.11.2015 um 14:49 schrieb mathias dufresne: > 2015-11-04 13:58 GMT+01:00 Ole Traupe <ole.traupe at tu-berlin.de>: > >> Mathias, thanks again! This sounds like a very reasonable approach. I know >> that with remote ssh and public key authentication you can set the limit to >> a single possible command. is this also possible with AD users? >> > I'm

Mathias, thanks again! This sounds like a very reasonable approach. I know that with remote ssh and public key authentication you can set the limit to a single possible command. is this also possible with AD users? Unfortunately, I don't have 'multiuser' support in my current cifs-utils version 4.8. So I would end up with your designated user being the owner of all the files and

>> I mean, putting the key in the keytab looks like a security risk to me. > In what way does it appear any more of a risk than having the keys > which you have there already? Even if someone steals the keytab, > they're gonna be hard pressed to crack the key in the few hours before > the tgt expires. Do you have very sensitive data maybe? Ok. And maybe I misunderstood

Hi all! As a long slackware user I'm a total noob in pam and I'm banging my head against a wall trying to set it up correctly to play nice with slackware's default pam configuration. One of the things I'm trying to accomplish is to be able to logon while the ad domain is available and have pam_mount automount the samba shares and to be able to do an offline logon and skip the

Hello, I'm using a Samba 4 as domain server and I've a lot of Windows computers that mounts shared drives on another server through GPO applied by user groups. Is there any way to do something similar on a Linux box, or I've to use a local script? Thanks! -- _________________________________________ Daniel Carrasco Marín Ingeniería para la Innovación i2TIC, S.L.

So finally here is the solution that works for me. If you have any questions, just ask. I use pam_mount with the following volume definition in the "/etc/security/pam_mount.conf.xml": <volume fstype="cifs" server="server" path="home/%(USER)" mountpoint="/home/%(USER)" sgrp="domain users"

Am 02.11.2015 um 13:12 schrieb buhorojo: > On 02/11/15 12:54, Ole Traupe wrote: >> Hi all, this is not really a Samba question, but related, and I hope >> that some of you are using this and can tell me what I am doing wrong. >> >> On a member server, I can mount my shares by hand specifying "-o >> username=xxx,domain=yyy,password=zzz". But as soon as I

Dear fellow Samba fans, This seems like a blatantly obvious need, but I'm not finding anything in the Samba literature addressing it. Maybe my search-fu is just failing me. I have a collection of Linux machines with multiple simultaneous users. The Linux machines are all running Samba 4.1.7, compiled from the source since my distro (CentOS 6.6) isn't that current. We are operating

Hi, I have a debian server with ldap, samba, smbldap-tools installed and ubuntu clients. I set pam_mount to mount the user's home directories from the ldap-samba server (amahoro) on the clients at login time and this runs. On the server the user's home directories are stored in "/users" like "/users/username". Logging by gdm appears the message: "Could not

We're trying to set up linux based workstations that use a win2k AD/DC for authentication, and pam_mount to mount a share as the user's home directory. It looks like winbind isn't passing on the credentials (although it is getting us logged in). If anyone has made this work, I'd love the details. It looks like winbind isn't passing the auth information thanks jim

Hi everyone, I am having trouble mounting a share on my AD server upon login. I am using pam_mount. Here is log activity when user 'peter' logs in (with Ubuntu client) and is authenticated by AD server. There is a share called 'peter' on the server (netbios name WIN2003) and the mount point is /home/PRIVATE/peter (see later for pam_mount.conf file): ===================== Jul

The setup is a samba server with mixed clients (samba clients and windows clients). The problem, I want the linux client to mount there home to their home share on the server. The problem is, I have followed the guide mentioned below and everything works except that the linux usernames have the format domeinnaam+username as a result of which pam_mount wants to mount

Hi, Is it possible to use Samba as a drop-in replacement for NFS, namely, allowing a system-wide anonymous mount which authenticates access to files based simply on the unix ids of the user accessing the files and the file permissions are equivalent to what is present in the underlying file system that is exported. Thanks, Frood

Hi, i'm probably not the first but i have found no concrete information about my problem... lots of information, nothing helped.. :S so, here's the thing.. i'm running a samba-3.0.22-13.16 server on SLES 9 kernel 2.6.16.21-0.8-default as an nt domain controller, there was a migration to Linux for the workstations so i had to implement WINBIND + PAM_MOUNT. after searching for the

Hi all, I am a bit confused about the usage of pam_mount. Here is my /etc/pam.d/system-auth: auth required pam_env.so auth required pam_mount.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account

I have some (for testing) Debian based client/workstation connected to my AD. Signing to the AD works as a domain/user should. These clients can, via Nautilus file manager, access shares on the file server manually that the *signed in domain user* is permitted to "see". I would prefer to connect these files and the domain user home directory automatically at sign in without manual

Have any of you folks actually managed to get pam_mount working? A quick google shows a ton of messages saying "you can use pam_mount" to automatically mount a user's home directory on log in, but no messages saying "I use pam_mount" etc -- I'm suspecting it might not actually work. Or at least I might not be smart enough to make it work. First -- pam_mount 0.5.11