[Samba] Linux desktop setup with authentication against Samba AD DC
Peter Milesson
miles at atmos.eu
Wed Nov 27 10:14:20 UTC 2024
On 11/25/24 10:29, Rowland Penny via samba wrote:
> On Sun, 24 Nov 2024 20:35:17 +0100
> Peter Milesson via samba <samba at lists.samba.org> wrote:
>
>> Hi folks,
>>
>> YFYI, I've succeeded setting up something that seems workable.
>>
>> When domain users log in on their Linux PCs, they get their
>> /home/<user> folders mapped over CIFS from a Samba or Windows server.
>> When they log out, the /home/<user> folder is unmounted and deleted,
>> and their profile data remains on the server. The whole setup works
>> similarly to redirected folders in a Windows server environment. The
>> setup is intended for casual users that don't need a full blown
>> Windows desktop with M$ 365 and everything else that follows. There
>> are lots of capable desktop applications under Linux, that can
>> replace their Windows counterparts, giving the users a nice full
>> value experience. For companies using mainly web based applications,
>> it's a dirt cheap solution. The hardware is really cheap, and it's a
>> snap to roll out new PCs with all basic settings. Using Samba Linux
>> GPOs, it should be about the same administrative work for the
>> administrator, as with Windows desktop PCs.
>>
>> The setup is based on Debian Bookworm, the display manager is
>> LightDM, and the desktop manager LXDE. Authentication is made with
>> Kerberos to a Samba or Windows AD DC through PAM. PAM-mount is taking
>> care of mapping the user folders from a share with Linux user
>> profiles. The hardest bit was making PAM-mount unmounting and
>> deleting the user folders on the Linux PC during the logout process.
>> It needed some tweaking.
>>
>> Best regards,
>>
>> Peter
>>
>>
> Care to tell us how you set this up ?
> Also why LXDE ? Isn't it the DE that sort of refuses to die ?
> From my understanding LXDE was replaced by LXQt, but, as is possible,
> LXDE was forked and now gets intermittent updates.
>
> Rowland
>
Hi Rowland,
Of course I will share my experiences with the community. I will put it
in a separate post (or posts), as it may be fairly extensive.
Best regards,
Peter
More information about the samba
mailing list