[Samba] domain-free multi-user use cases

cn at brain-biotech.de cn at brain-biotech.de
Mon Oct 25 07:02:15 UTC 2021


Am 25.10.21 um 02:48 schrieb Eric Levy via samba:
> NFS won't do exactly what I want. One issue is that numeric user
> identifiers are required to match across systems, but even working
> around this inconvenience, the larger issue is that without Kerberos,
> NFS mounts are not protected by authentication.

Ok I didn't catch that you wanted to have authentication.

> 
> iSCSI obviously is not file sharing. Multiple clients cannot access the
> same iSCSI device simultaneously, and any client accessing the device
> must be able to use the underlying file system.

You talked about one client at the moment so I thought for one client 
this would work.


> I think I once reviewed a discussion about why autofs features offer
> limited support for user directories the wawy you suggest. If a guide
> for getting to this to work is available, I would review it, even
> though the effect would not be exactly the same as a multiuser mount.

Looking at it again. Autofs has the same limitation as the multiuser 
mounts in the kernel. It only works with Auth methods that do not use a 
password. However, pam_mount does work. It uses the password that the 
user uses at login to mount the shares.

https://support.rstudio.com/hc/en-us/articles/360044190234-How-to-mount-a-Windows-SMB-CIFS-share-via-PAM

https://www.bu.edu/engit/knowledge-base/linux/opensuseatbu-pam_mount/

Here is an example I used to use before autofs (as I have a Domain in 
the background)

<!-- volume user="*" options=nodev,vers=3.1.1" fstype="cifs" 
server="FQDN" path="data" mountpoint="/home/%(USER)/data/" />

So this mounts the share as the logged in user with their local 
password. Username and password have to match that on the Server.
So each user would have the share mounted in their home directory in 
this case.

Regards

Christian

-- 
Dr. Christian Naumer
Vice President
Unit Head Bioprocess Development

BRAIN Biotech AG
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.com, homepage www.brain-biotech.com
phone +49-6251-9331-30 / fax +49-6251-9331-11

Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Adriaan Moelker (Vorstandsvorsitzender), 
Lukas Linnig
Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen



More information about the samba mailing list