[Samba] GPO in Linux!!

Nico Kadel-Garcia nkadel at gmail.com
Tue Apr 26 05:57:46 MDT 2011 

On Tue, Apr 26, 2011 at 3:33 AM, Yared Berhanu <yaruda at gmail.com> wrote:
> Thank you nico,
>
> I was looking at autofs, but I don't know how to do it with Kerberos enabled
> logins. Is there any tutorial or manual to get start with it? Would you mind
> if you could give me some how-tos if possible for you?
>
> On Tue, Apr 26, 2011 at 3:31 AM, Nico Kadel-Garcia <nkadel at gmail.com> wrote:
>>
>> On Mon, Apr 25, 2011 at 3:54 PM, Yared Berhanu <yaruda at gmail.com> wrote:
>> > Greetings,
>> >
>> > Is there any way to assign Group Policy in Samba 4 AD on linux clients?
>> > I
>> > was trying to implement a logon/logout script which will mount active
>> > directory user's home directory automatically but unsuccessful.
>> >
>> > Sincerely,
>>
>> Why not simply use autofs and a relevant "/home/[DOMAIN]/user"
>> automount table? Keep it out of /home directly to avoid conflicts with
>> other software, but such subdirectories are easily published with
>> automounting tables and even wildcards.

Let's do it on the list. It's very relevant to Samba back end configurations.

I'm assuming that you've got a working upstream storage server that
has the homedirs. Simply installing autofs on the Samba server,
enabling it, and adding an entry to /etc/auto.master that directs
mounting under /home/[DOMAIN]/ to a separate /etc/auto.home.[DOMAIN]
configuration file, enables a file that can use the /home/[DOMAIN]/*
directory for wildcard completion against a specific upstream NFS,
CIFS, or other fileserver is mentioned in the documentation. (I don't
have it in front of me right now, but I've used it.) It's useful to
avoid having to propagate automounting maps.

It gets trickier if there are multiple upstream file servers. In that
case, you'd need to publish an automount table with the user's login
names and various targets, or even publish the wildcard expansion in a
designated order so it would try one, then the other. And woe be to
you if you've got user homedirs on *both* upstream servers!!!! You'll
also want to be cautious in your autofs mounting options, just as you
would for /etc/fstab based mounting. Think, carefully, about whether
you use NFSv3 or NFSv4, especially NFSv4 ACL lists to try nad support
user access similar to that of CIFS. (It's workable in Samba, but not
well integrated, and the Windows clients can't display the settings.)

More information about the samba mailing list