similar to: User home directories on a windows server question.

Hi all, this is not really a Samba question, but related, and I hope that some of you are using this and can tell me what I am doing wrong. On a member server, I can mount my shares by hand specifying "-o username=xxx,domain=yyy,password=zzz". But as soon as I put "sec=krb5" in the mount options (and leaving out the password part), I get this error: # mount error(126):

> > If by "key" you meant keytab then you were right. A keytab is a file > dedicated to contains credentials (https://kb.iu.edu/d/aumh or > http://web.mit.edu/Kerberos/krb5-1.12/doc/basic/keytab_def.html). > > Keytab are used when you want to automate actions which need > authentication. When some automated action requires credentials you > have to provide

> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: woensdag 11 oktober 2017 11:39 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Using GPO to mount shares on Linux > > On Wed, 11 Oct 2017 11:00:59 +0200 > Michael Wandel <m.wandel at t-online.de> wrote: > > >

Am 04.11.2015 um 14:49 schrieb mathias dufresne: > 2015-11-04 13:58 GMT+01:00 Ole Traupe <ole.traupe at tu-berlin.de>: > >> Mathias, thanks again! This sounds like a very reasonable approach. I know >> that with remote ssh and public key authentication you can set the limit to >> a single possible command. is this also possible with AD users? >> > I'm

Mathias, thanks again! This sounds like a very reasonable approach. I know that with remote ssh and public key authentication you can set the limit to a single possible command. is this also possible with AD users? Unfortunately, I don't have 'multiuser' support in my current cifs-utils version 4.8. So I would end up with your designated user being the owner of all the files and

Hi all! As a long slackware user I'm a total noob in pam and I'm banging my head against a wall trying to set it up correctly to play nice with slackware's default pam configuration. One of the things I'm trying to accomplish is to be able to logon while the ad domain is available and have pam_mount automount the samba shares and to be able to do an offline logon and skip the

So finally here is the solution that works for me. If you have any questions, just ask. I use pam_mount with the following volume definition in the "/etc/security/pam_mount.conf.xml": <volume fstype="cifs" server="server" path="home/%(USER)" mountpoint="/home/%(USER)" sgrp="domain users"

>> I mean, putting the key in the keytab looks like a security risk to me. > In what way does it appear any more of a risk than having the keys > which you have there already? Even if someone steals the keytab, > they're gonna be hard pressed to crack the key in the few hours before > the tgt expires. Do you have very sensitive data maybe? Ok. And maybe I misunderstood

Am 02.11.2015 um 13:12 schrieb buhorojo: > On 02/11/15 12:54, Ole Traupe wrote: >> Hi all, this is not really a Samba question, but related, and I hope >> that some of you are using this and can tell me what I am doing wrong. >> >> On a member server, I can mount my shares by hand specifying "-o >> username=xxx,domain=yyy,password=zzz". But as soon as I

Hello, I'm using a Samba 4 as domain server and I've a lot of Windows computers that mounts shared drives on another server through GPO applied by user groups. Is there any way to do something similar on a Linux box, or I've to use a local script? Thanks! -- _________________________________________ Daniel Carrasco Marín Ingeniería para la Innovación i2TIC, S.L.

Hi everyone, I am having trouble mounting a share on my AD server upon login. I am using pam_mount. Here is log activity when user 'peter' logs in (with Ubuntu client) and is authenticated by AD server. There is a share called 'peter' on the server (netbios name WIN2003) and the mount point is /home/PRIVATE/peter (see later for pam_mount.conf file): ===================== Jul

We're trying to set up linux based workstations that use a win2k AD/DC for authentication, and pam_mount to mount a share as the user's home directory. It looks like winbind isn't passing on the credentials (although it is getting us logged in). If anyone has made this work, I'd love the details. It looks like winbind isn't passing the auth information thanks jim

The setup is a samba server with mixed clients (samba clients and windows clients). The problem, I want the linux client to mount there home to their home share on the server. The problem is, I have followed the guide mentioned below and everything works except that the linux usernames have the format domeinnaam+username as a result of which pam_mount wants to mount

Hi, i'm probably not the first but i have found no concrete information about my problem... lots of information, nothing helped.. :S so, here's the thing.. i'm running a samba-3.0.22-13.16 server on SLES 9 kernel 2.6.16.21-0.8-default as an nt domain controller, there was a migration to Linux for the workstations so i had to implement WINBIND + PAM_MOUNT. after searching for the

Hi, I have a debian server with ldap, samba, smbldap-tools installed and ubuntu clients. I set pam_mount to mount the user's home directories from the ldap-samba server (amahoro) on the clients at login time and this runs. On the server the user's home directories are stored in "/users" like "/users/username". Logging by gdm appears the message: "Could not

Hi all, I am a bit confused about the usage of pam_mount. Here is my /etc/pam.d/system-auth: auth required pam_env.so auth required pam_mount.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account

Have any of you folks actually managed to get pam_mount working? A quick google shows a ton of messages saying "you can use pam_mount" to automatically mount a user's home directory on log in, but no messages saying "I use pam_mount" etc -- I'm suspecting it might not actually work. Or at least I might not be smart enough to make it work. First -- pam_mount 0.5.11

I have some (for testing) Debian based client/workstation connected to my AD. Signing to the AD works as a domain/user should. These clients can, via Nautilus file manager, access shares on the file server manually that the *signed in domain user* is permitted to "see". I would prefer to connect these files and the domain user home directory automatically at sign in without manual

Hi ! Has anybody already managed to make pam_mount and winbind working together ? I'm running a linux 7.2 box with samba 2.2.4. I use winbind for user authentication from a win2k server (DEDALE in domain VALBONE). The following command works fine: $ smbmount //DEDALE/SHAREDIR \ /mnt/smb/dedale/sharedir/ -o \

Hello I try to implement pam_mount and I have errors. When I login to ubuntu desktop client I have an error with "mounting read-only" but if later to logon on domain I go to the files application and map the resource shares manually, work fine. Attach the syslog trace: Sep 24 10:22:13 ubuntucliente lightdm[708]: (pam_mount.c:365): pam_mount 2.14: entering auth stage Sep 24 10:22:20