I’ve been working on homologating openSUSE for our company.
As we use an Active Directory structure, I used the documentation from SLED and was perfectly able to join the DOMAIN using the WINDOWS DOMAIN MEMBERSHIP tool.
However, I want to use the “expert configuration” to auto-mount Windows directories on the local machine.
I went into yast2 > windows domain membership > expert settings > mount server directories.
Do you guys have any how-to of using this?
I tried this configuration:
name server: 192.168.4.x (IP of server)
remote path: /sistema
local path: /mnt
options: user=%(DOMAIN_USER)
This is the last step to homologate SUSE for us. Do you guys have any kind of help to give me?
Do you want the mount to be mounted when a user logs into the system
or
Do you want the mount to be constantly available and automounted on system startup?
The problem with the first one is that pam_mount is incompatible with OpenSSH’s privilege separation, and you have to disable that in order for it to work, which I find a “poor solution”.
It will then mount the windows mount whenever the user enters that directory via shell or a GUI program.
Note, this will only be useful in a system where the local user does not have root permissions and cannot read your password file. If that is the case, you need to look for alternative solutions such as disabling privilege separation.
Autofs did not solve my problem because I need the share to be mounted, with the AD user permissions, but at a specific path. My ERP needs it to be mounted, with the user permissions, to work properly.
That’s why I was trying to do this using WINDOWS DOMAIN MEMBERSHIP from SUSE.
If the only way is to use fstab or autofs, those solutions are not integrated with AD, so it’s not worth using them in our environment because we need this integration.
One thing I need to know before I draft you a quick how-to is whether you need this functionality when logging in locally with a graphical user interface or via SSH?
And if you need it locally after logging in via a login manager, do you use GNOME or KDE?
If you’re supporting more than just a couple Linux clients in an AD, you should consider installing an AD Linux extension like Centrify or Likewise Open.
Then, you should be able to configure your client machines centrally, using common AD objects like GPO.