[Lias] Thin Clients and NT Domain logins

Craig Ringer craig at postnewspapers.com.au
Tue Jul 8 13:01:01 UTC 2003 

>>A GUI frontend to the simple bashscript that mounts their home drive
>>A means of automatically unmounting their home drive when they logoff (not really
>>necessary I guess - but good for neatness sake)
> 
> I personally prefer automount for this sort of thing.

I have automounting SMB directory access going here. Unfortunately, 
permissions can be a pain as it seems smbfs uses a single set of 
credentials and then uses the chosen UNIX permissions for all users. 
This is a problem for home directories, but fine for the shared working 
directories I'm using it for here.

In /etc/auto.master I have:

/smb/zeus               /etc/autofs/smb_zeus

and in /etc/autofs/smb_zeus I have (sorry, lines will be mangled):

* 
-fstype=smbfs,uid=1000,gid=1200,fmask=664,dmask=775,credentials=/etc/smb
cred_geek_zeus  ://zeus/&

where '/etc/smbcred_geek_zeus' is the credentials file for the automount.

Using this, I can just cd /smb/zeus/$SHARENAME to get access to the 
share in question, eg /smb/zeus/current for our working editorial copy.

For home directories, you might have to make separate entries rather 
than the wildcard I'm using, since as you can see permissions are 
per-mount.  I hear that the CIFS client developed by the samba folks 
(and in kernel 2.5/2.6) will support windows permissions better, but 
that doesn't help NT users since I don't think NT supports the newer 
CIFS (port 443?) but only the older netbios-over-tcp/ip method.

So you'd be looking at something akin to:
username1 
-fstype=smbfs,uid=username1,gid=1200,fmask=664,dmask=775,credentials=/etc/smb
cred/username1  ://zeus/username1
username2 
-fstype=smbfs,uid=username2,gid=1200,fmask=664,dmask=775,credentials=/etc/smb
cred/username2  ://zeus/username1

etc. It's probably not worth the fuss, unless there's a cleaner way to 
do this that I'm not aware of. Among other things, all user credentials 
need to be stored on the server, which is far from ideal.

You might have better luck sticking to your bash scripts.

Craig Ringer

More information about the lias mailing list