1

I've managed to configure my test Ubuntu 10.04 Beta 2 Server VM to accept logins (via ssh) from users who have domain accounts in Active Directory via Kerberos, nsswitch.conf and PAM configurations.

The final thing I'd like to happen is locating their home directory on a Windows server share. Each domain account ($USER) has a Windows share à la: \\winsrvr\users\$USER.

Can someone push me in the direction I need to go?


[edit]

Is it possible to manipulate the template homedir = /home/%D/%U in the /etc/samba/smb.conf file somehow?

Jamie

3 Answers

3

I use automount/autofs to do this with NFS shares, there is probably a way to do it with windows/samba shares as well.

Here is a howto, but I have never tried it.

Kyle Brandt
2

In a related question I got the answer to this one. Use pam_mount in /etc/pam.d. For Ubuntu, sudo apt-get install libpam-mount.

Other question is here.

Jamie
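
A pam_mount volume definition for the share layout in the question, as an added example that is not part of the original posts. The server and share names come from the question; the mountpoint, the mount options, and support for the cruid option in the installed cifs-utils and kernel are assumptions, and pam_mount must run after the Kerberos PAM module so that a ticket already exists.

```xml
<?xml version="1.0" encoding="utf-8" ?>
<!-- /etc/security/pam_mount.conf.xml
     Added example, not taken from the original posts. -->
<pam_mount>

  <!-- Mount \\winsrvr\users\$USER as the home directory at login.
       sec=krb5 uses the ticket obtained at login, so no password or
       credentials file has to be stored on the workstation.
       cruid tells cifs.upcall whose ticket cache to read (assumed to
       be supported by the installed cifs-utils and kernel).
       nosuid/nodev keep files on the share from acting as setuid
       binaries or device nodes on the client.
       mountpoint is an assumption; adjust it to the homedir template. -->
  <volume user="*"
          fstype="cifs"
          server="winsrvr"
          path="users/%(USER)"
          mountpoint="/home/%(USER)"
          options="sec=krb5,cruid=%(USERUID),uid=%(USERUID),gid=%(USERGID),nosuid,nodev,file_mode=0700,dir_mode=0700" />

  <!-- Create the mountpoint on first login and remove it at logout. -->
  <mkmountpoint enable="1" remove="true" />

</pam_mount>
```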
0

I for one tried the automount/autofs cifs route but it's really hard going. (Running RHEL5.5 Workstation here.)

I have the Linux workstations successfully authenticating on AD via Kerberos, and can mount the shares manually, using the krb ticket granted on login. But I can't seem to make it work via autofs, where most often it returns mount error -126.

There's tons of forum posts, etc, with folks trying to do this via autofs but all I can say is that it all seems very brittle. There's lots of complexity under the hood and little details that can go wrong. I'll post my config here in case it helps anyone.

* -fstype=cifs,sec=krb5,user=&,sign,uid=&,rw,filemode=0700,dirmode=0700 ://shareserver.mydomain.edu/Share/&

This fails unless you set UID=0, which prevents regular users from using it securely...

There's so much more to it. I'll continue if anybody is interested.

By the way, you'll need keyutils installed, and put this in /etc/request-key.conf:

create cifs.spnego * * /usr/sbin/cifs.upcall %k
create dns_resolver * * /usr/sbin/cifs.upcall %k

By the way, pam_mount sounds good but isn't available on RHEL5.

The howto posted at the top works, but requires that a file with the credentials be on the machine, which isn't feasible on public workstations, etc.