[Samba] Mount AD home directory and login on Ubuntu Workstations

Giovanni Caini gcaini95 at gmail.com
Wed Feb 6 18:02:34 UTC 2019 

Hi,
In a school environment, I have a server (NEWTON) that acts as AD DC
(domain DIDATTICA) and another one (EULER) that acts as File Server (Domain
Member of DIDATTICA).
Both of them have Ubuntu Server 16.04.5 LTS and Samba 4.9.1. (At the bottom
I attached their smb.conf).
The users are divided in groups: students, teachers, admin. Each user has a
"home directory" where can save his files. Teachers must be able to acces
students directory, Admins must be able to access teachers and students
directory. I have created a share (on EULER) for every group and I have set
Windows ACL to give right access, as in the wiki (In each share there are
all the personal folders of the user of that group.).
In ADUC I have set Home Folder: connect to H: and the path (e.g.
\\euler\studenti\john.smith).

On Windows workstation, everything works fine. Users login and in found
their personal folder on H: .
On Ubuntu Desktop 18.04 workstation (member domains), how can I set up
automatic mount of those folders (with an eventually dekstop shortcut)? How
can I set up gnome login using domain credentials, without save changes to
home folder on logout (like ghost user)?

Thanks,
Giovanni


###################### NEWTON smb.conf #######################
########################## AD DC #############################
[global]
        dns forwarder = 10.54.0.254
        netbios name = NEWTON
        realm = DIDATTICA.FERMI
        server role = active directory domain controller
        workgroup = DIDATTICA
        idmap_ldb:use rfc2307 = yes
        ldap server require strong auth = No

[netlogon]
        path = /usr/local/samba/var/locks/sysvol/didattica.fermi/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No
###############################################################

######################## EULER smb.conf ########################
########################## File Server ###########################
[global]
        workgroup = DIDATTICA
        realm = DIDATTICA.FERMI
        netbios name = euler
        security = ADS
        log file = /var/log/samba/%m.log
        log level = 1
        idmap config * : backend = tdb
        idmap config * : range = 3000-7999
        idmap config DIDATTICA : unix_nss_info = yes
        idmap config DIDATTICA : unix_primary_group = yes
        idmap config DIDATTICA : backend = ad
        idmap config DIDATTICA : range = 20000-100000
        idmap config DIDATTICA : schema_mode = rfc2307
        username map = /usr/local/samba/etc/user.map
        template homedir = /home/%D/%U
        template shell = /bin/bash
        vfs objects = acl_xattr
        map acl inherit = Yes
        store dos attributes = Yes
[Studenti]
       path = /srv/samba/studenti/
       read only = no
[Docenti]
       path = /srv/samba/docenti/
       read only = no
[Classi]
       path = /srv/samba/classi/
       read only = no
[Varie]
       path = /srv/samba/varie/
       read only = no
[Admins]
       path = /srv/samba/admins/
       read only = no
###############################################################

More information about the samba mailing list