| Installing a test client | ||
|---|---|---|
 | Compile grade Samba settings |  |
| Installing a test client | ||
|---|---|---|
| | Compile grade Samba settings | |
Installing the machine
For client machines as well, we have an unattended install, which preinstalls the Samba client. These substeps list only some Samba-specific parts of the installation.
Making the user mount the right Samba server as their homedir
Mounting the homedirectory is done through pam_mount.
/etc/pam.d/common-auth (or its replacement), should contain:
auth [default=done] pam_ccreds.so action=validate use_first_pass auth [default=ignore] pam_exec.so expose_authtok /usr/sbin/smbpasswdsync.py auth [default=ignore] pam_mount.so auth [default=done] pam_ccreds.so action=store auth [default=bad] pam_ccreds.so action=update
The second line temporarily syncs the Samba password hash to the LDAP server, the third mounts the home directory.
The pam_ccreds lines are for caching of password hashes in case of network downtime.
The mount is configured in /etc/security/pam_mount.conf.xml:
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<pam_mount>
<!-- Volume definitions -->
<!-- pam_mount parameters: General tunables -->
<debug enable="0" />
<volume fstype="cifs" server="smbtest.my.domain.com" path="%(USER)" mountpoint="/home/%(USER)" options="serve\
rino"/>
<!--
<luserconf name=".pam_mount.conf.xml" />
-->
<mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
<mntoptions require="nosuid,nodev" />
<path>/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin</path>
<logout wait="0" hup="0" term="0" kill="0" />
<!-- pam_mount parameters: Volume-related -->
<mkmountpoint enable="0" remove="false" />
</pam_mount>
| |  | |
| GNU tar won't configure on the Samba share: |  | Installing a test server |