NFS vs SAMBA -- remote shares from UNIX/Linux clients

Greetings !!

I use since a long time now the samba server because I have the feeling that the directive path=/shares/%u has no equivalent with nfs.
The problem is the following: there is this god ********** “x” (execute flag) that can not be removed from the file system ^^

Using NFS I have no particular issues concerning the permissions on the target file system shared this way.
But using NFS, I have to specify the different IPs for each client about to connect to their remote user space and I can not simply specify %u to drive the client to the correct folder corresponding to the refered user.
Those IPs are about to be different from classes to classes, in my lab’ we have 192.168.x.x addresses and in other schools and classes I got 10.x.x.x and 172.16.x.x addresses :{

Is there a simple way to get rid from the specific IPs of the users in the idea to connect to their specific share folder using NFS protocol ?
I could set the exports to * but how can I detect the host’s name in order to drive it to the right share (i.e: /server/students/thisuser instead of /server/students/thatuser worse: /server/students) ?

I heard about NIS, IDMAP (using samba), LDAP (for authorization) <-> must say that encryption is not required at all.

Here is the “for now” share configuration of my samba server

  path = /datas1/serveur/saintmartin/élèves/%u/
  read only = No
  valid users = @eleves hurukan
  hosts allow =

  vfs objects = full_audit
  full_audit:failure = connect
  full_audit:success = connect disconnect rename unlink rmdir open   
  full_audit:prefix = %u-%m|%I|%S%R:%a]{%T}


**  case sensitive = yes
  preserve case = no
  store dos attributes = no

  nt acl support = no
  map archive = no
  map system = no
  map hidden = no
  map readonly = no

  inherit acls = Yes
  acl allow execute always = no**

The “global” settings related to the permissions are here:


  unix extensions = Yes
  #wide links = Yes
  follow symlinks = Yes

  strict sync = no
  sync always = no

  mangled names = no

The previous configuration was unix extensions = No and wide links = Yes.
But I do no use wide links anymore but some symbolic links but very rarely on this share point.

Employing NIS is probably the right way to go, but it does require some effort/knowledge to get working properly.

Some useful info to help you evaluate/get started…

Another option that may be less onerous to implement for small user groups may just to be consider using SSHFS perhaps…