[Samba] Automount homes via smb question

Andrew Bartlett abartlet at samba.org
Thu Nov 6 05:25:29 GMT 2003


On Wed, Nov 05, 2003 at 08:39:01PM -0800, Mike Ely wrote:
> 
> On Nov 5, 2003, at 5:30 PM, Andrew Bartlett wrote:
> *snip*
> >> What I need to get working:
> >> A switch so that any domain user logging on will automatically have
> >> home mapped to their share on the win2k server (we have 3 fileservers
> >> for the user accounts).
> >>
> >> In an earlier message, Jerry pointed me to pam_mount.so, which I see 
> >> in
> >> /lib/security, but I don't have any documentation on how to use it, 
> >> and
> >> so far google hasn't brought any joy either.  Can someone help?
> >
> > This is all quite possible, but we need to do a bit of work to
> > intergrate the components.  Currently pam_winbind can't tell pam_mount
> > what server to mount, for example.  Also, we have the problem of
> > special files over CIFS - your Win2k server probably will not like
> > attemptes to create symbolic links.
> >
> > At the very least what we need to do is modify pam_winbind to store a
> > token containing the homedir location, for pam_mount to pinch.
> >
> > Andrew Bartlett
> 
> Ok.  Before I start digging into the source I wanted to ask if this is 
> an appropriate question to put to samba-technical.  Also, to clarify, 
> when you use the word "we" here, are you referring to you and I, or you 
> and the rest of the intrepid Samba team?  While I will happily do what 
> I can, I'm not sure that I'd be much help when it comes to editing much 
> more than a shell script =]

'we' probably referes to whowever decides do take on doing some code
in this project ;-)

It isn't actually that hard.  What you need to do is cause
nsswitch/winbind_pam.c to return the extra information as in a
structured string format.  pam_winbind then reads the extra strings
off the end of the logon reply, and stashes the information away.  We
already return the NDR encoded form of this data, but that isn't much
use for external tools such as pam_mount.

File a bug against this, so it can be tracked.  pick ntlm_auth as the
component (that is where the implementation should start, then put it
into pam_winbind).

Andrew Bartlett




More information about the samba mailing list