Automount Samba home directory?

[Art Wildman]

Matthew Galgoci wrote:
>> Date: Tue, 20 Feb 2007 11:33:56 -0600
>> From: Christopher Angel <Christopher.Angel at lightsource.ca>
>> Reply-To: redhat-sysadmin-list at redhat.com
>> To: redhat-sysadmin-list at redhat.com
>> Subject: Automount Samba home directory?
>>
>> Hi all,
>>
>> We're trying to set up a system where clients can automount a Samba home
>> directory as their home dir.
>>
>> Our problem - Samba requires a login/password to allow you to mount a
>> directory, which, even though the username is easy to parse out during
>> login, the password required isn't.
>>
>> Anyone know of a method we can use?
>>     
>
> Is the user credential system used by the cifs server active directory-like? You might be
> able to do something where you grab a kerberos ticket from the user at login, authed against
> the AD server, which is then used to provide the user credentials for the samba/cifs mount?
>
> I'm talking entirely theoretically here, I've never messed with active directory. It's crazy
> enough that it might end up being workable though.
>
>   

I assume your 'clients' are WinXP? Mapping & mounting the %HOMESHARE% is 
usually done via smb.conf, winbind, and your logon.bat script stored in 
a 'netlogin' location, depending on your samba server type, auth 
mechanism and domain architecture.

@echo off
rem # logon.bat - NT/SMB logon script
rem # use DOS-formatted text (CR/LF CTRL-V, CTRL-M)
echo Executing Samba Logon Script
echo ""

rem ......  Reset the current time to the Samba server
rem .... 'time server = yes' is required in /etc/smb.conf
echo Setting Current Time...
net time \\SMBSERVER /set /yes

echo Mapping Users "home" directory
net use H: \\SMBSERVER \home\%U%


If you login to a Samba Member Server, PDC or WindowsAD Domain, $HOME is 
automatically mounted (once authenticated) for that user if defined in 
your smb.conf, winbind settings & configured in your logon script. You 
don't want to auth users (bad idea)? You may have to map the share in a 
login script... but, the $HOME share is a built-in feature of samba 
servers and can be mounted via 'smbmount' commands.
http://samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html
#============================ Share Definitions 
==============================
[homes]
    comment = Home Directories
    valid users = %S
    browseable = no
    writeable = yes

# Un-comment the following and create the netlogon directory for Domain 
Logons
; [netlogon]
;   comment = Network Logon Service
;   path = /home/netlogon
;   guest ok = yes
;   writable = no
;   share modes = no

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
;    path = /home/profiles
;    browseable = no
;    guest ok = yes
#=======

Some global samba server settings are important for this to work 
[Example of Samba Domain Member Server]...
http://samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#fast-member-server
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ServerType.html

For Auto-mounting smb shares on Linux clients, a rather ugly hack exists 
here...
Automating Mounting With Linux SAMBA Clients
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch11_:_Sharing_Resources_with_Samba#Automating_Mounting_With_Linux_SAMBA_Clients

More info about the specific clients, auth and domain setup would be 
needed (smb.conf), but much of this is covered in the fine docs 
(including ways to auth against a WinAD or LDAP+Kerberos servers)...

Samba-3 HOWTO and Reference Guide - Winbind: Use of Domain Accounts
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html

Samba by Example: Chapter 5. Making Happy Users
http://samba.org/samba/docs/man/Samba-Guide/happy.html

-HTH Art at JAX

-- 
Art Wildman - NWS JAX FL. - http://www.srh.noaa.gov/jax
"If the thunder don't get you, then the lightning will..." - Grateful Dead