[Samba] pam_mount issue

[Trog]

Ladies and Gentlemen, Greeting and Felicitations!

We are running FC1 (Samba 3.0.2) and pam_mount 0.9.20.  The Linux 
machine is a domain member, which has PDC and file server running NT4.

I have setup Samba and winbind such that a user may log in on the Linux 
machine without having a local account, authentication being handled by 
PDC and this works successfully.  If I login as an ordinary user, (one 
who is just a member of the users group), and access a shell prompt, I 
can mount my NT share with the command :-

/usr/bin/smbmount //SERVER2/martin /home/RMNETNT/martin/WORKAREA -o 
"username=martin"

I am prompted for my password, which I enter, and I can then see the 
files that live on the NT file server.  I cannot get this mount to 
happen automatically with pam_mount however.  I have debug enabled in 
/etc/security/pam_mount.conf and the two other "interesting" lines are

smbmount /usr/bin/smbmount //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%
(USER)%(before=\",\" OPTIONS)"
volume * smb SERVER2 & ~/WORKAREA uid=&,gid=&,dmask=0700 - -

The debug messages displayed give nothing away as to why it fails; the 
comment "mount errors (should be empty)" is very confusing, as the 
directory /home/RMNETNT/martin/WORKAREA is empty, not that should make 
any difference to the mount command.  Snippet of /var/log/messages :-

Aug  6 12:56:07 marge pam_winbind[19420]: user 'RMNETNT\martin' granted 
acces
Aug  6 12:56:07 marge pam_winbind[19420]: user 'RMNETNT\martin' granted 
acces
Aug  6 12:56:07 marge gdm(pam_unix)[19420]: session opened for user 
RMNETNT\martin by (uid=0)
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: path to luserconf 
set to /home/RMNETNT/martin/.pam_mount.conf
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: reading 
options_allow...
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: reading 
options_deny...
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: reading 
 options_require... 
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: back from global 
readconfig
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: going to readconfig 
user
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: back from user 
readconfig
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
&
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wild
card for /home/RMNETNT/martin/WORKAREA
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
uid
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
&
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
gid
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
&
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
dmask
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for 
0700
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: expand_wildcard for
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: real and effective 
user ID are 0 and 0.
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: checking sanity of 
volume record (RMNETNT\martin)
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: about to perform 
mount operations
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: information for 
mount:
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: --------
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: (defined by 
globalconf)
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: user:          
RMNETNT\martin
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: server:       
 SERVER2
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: volume:        
RMNETNT\martin
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: mountpoint:    
/home/RMNETNT/martin/WORKAREA
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: options:       
uid=RMNETNT\martin,gid=RMNETNT\martin,dmask=0700
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: fs_key_cipher:
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: fs_key_path:
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: use_fstab:   0
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: --------
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: checking to see if 
//SERVER2/RMNETNT\martin is already mounted at 
/home/RMNETNT/martin/WORKAREA
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: checking for 
encrypted filesystem key configuration
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: about to start 
building mount command
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: mount errors (should 
be empty):
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: SMB connection 
failed
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: waiting for mount
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: mount of 
RMNETNT\martin failed
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: error waiting for 
child
Aug  6 12:56:07 marge gdm-binary[19420]: pam_mount: done opening session

I have tried different permissions on the volume line, eg dmask=0755, 
777, to no avail, and I have tried adding ",workgroup=RMNETNT" after the 
dmask, which made matters worse; a new directory was created 
/home/RMNETNT/martin/RMNETNT/martin and still the mount failed.

I am at a complete loss as what to do to get this working.  I assume 
that many hundreds of sites have a similar setup to ours, and have 
managed to get this working.  Is some kind soul prepared to explain to 
me what these error messages mean or to publish their configuration 
files?

Thanks
Martin
--
Martin Woolley
ICT Support - Handsworth Grammar School
sysadmin at handsworth dot bham dot sch dot uk