+ Post New Thread
Results 1 to 13 of 13
*nix Thread, Ubuntu/AD/home folder in Technical; I'm looking to setup a trial installation of Ubuntu on some netbooks. I would like them to use AD authentication ...
  1. #1
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,379
    Thank Post
    125
    Thanked 97 Times in 66 Posts
    Rep Power
    31

    Ubuntu/AD/home folder

    I'm looking to setup a trial installation of Ubuntu on some netbooks. I would like them to use AD authentication to validate students logins which I've managed in the past with Likewise etc.

    One thing I've never managed to do though is 'map' their home folder in AD so they can access it when logged in. Ideally I would like them to use their AD credentials to login, and then their 'home' is mapped to the AD share, and they use their AD credentials to authenticate with the browser (firefox)

    Anyone done this or have any recommendations?

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,808
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    you need to use pam_mount to automagically mount the cifs share that contains their home directory when they login to the netbook.

  3. #3
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,379
    Thank Post
    125
    Thanked 97 Times in 66 Posts
    Rep Power
    31
    Cheers,I've never heard of pam_mount.

    Any method will do - as long as they don't have to specifiy the paths themselves

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,808
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Depending on the folder structure on the server holding the home dirs you might need to use a bit of scripting fu. It's fairly simple otherwise.

  5. #5
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,379
    Thank Post
    125
    Thanked 97 Times in 66 Posts
    Rep Power
    31
    I'm resurrecting this thread as I've had a bit of time to play around with this. Being a linux noob who tinkers once in a while I've got no scripting ability as such

    On my test system I've got ubuntu 11.10 and likewise - which is logging in domain users nicely.

    Whats the best way to get each users AD 'homefolder' showing on their desktop? I'm not sure how to go about using smbmount pam-mount etc as different year groups will be mapped to different servers/paths etc?

    I'd be glad to see any scripting examples so I can have a closer look?

  6. #6
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,525
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83
    So how exactly did you set up ubuntu to login via domain ?

  7. Thanks to cpjitservices from:

    JJonas (10th January 2012)

  8. #7
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,379
    Thank Post
    125
    Thanked 97 Times in 66 Posts
    Rep Power
    31
    I just did the dead simple way = installed Likewise-open and configured the AD information. Now I can login with AD credentials.

    If I Connect to Server (i.e \\server\share) it connects without requesting authentication which is great, but I'm trying to set this up for students so a link is automatically provided for them

  9. Thanks to Sheridan from:

    JJonas (10th January 2012)

  10. #8

    Join Date
    Feb 2010
    Posts
    87
    Thank Post
    36
    Thanked 2 Times in 2 Posts
    Rep Power
    10
    Quote Originally Posted by Sheridan View Post
    I'm trying to set this up for students so a link is automatically provided for them
    Any success with this? I may be looking to do the same thing.

  11. #9
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,379
    Thank Post
    125
    Thanked 97 Times in 66 Posts
    Rep Power
    31
    Nope - I gave up. I tried asking on a few forums but the general answer is 'write a script' etc etc, and thats the point - I would like to get a starting script to have a look at.

    Plus - our students are mapped to various servers with differing paths (i.e \\server1\year7\astudent, \\server3\year11\astudent etc) so it complicates things.

  12. #10

    Join Date
    Feb 2010
    Posts
    87
    Thank Post
    36
    Thanked 2 Times in 2 Posts
    Rep Power
    10
    Quote Originally Posted by Sheridan View Post
    the general answer is 'write a script' etc etc, and thats the point - I would like to get a starting script to have a look at.
    Meh. Same problem I had last time I tried. Ho hum.

    Thanks for the update.

  13. #11

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,818
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    When I get a chance in the next few weeks I will give it a go with scripting - i will also set it as a challenge for a couple of the kids here who are stupidly clever if i don't have a chance.

    Will post back ASAP.

  14. #12

    Join Date
    Oct 2008
    Posts
    94
    Thank Post
    8
    Thanked 16 Times in 10 Posts
    Rep Power
    27
    I have a very simple solution to this, if your setup happens to match ours at least. I've not actually implemented this myself yet because my proposal to introduce a few Linux machines to our school network was knocked back but I'm confident this could be made to work well enough.

    I don't know how your school runs things but here everybody has swipe cards with an ID number. This ID number is also both their username and the name of their AD network home folder hence user 1234's home folder is located at //server/homefoldershare/1234

    Hence, you can avoid all that nonsense of likewise, samba configs, AD authentication and pam_mounts by simply having a link to either a zenity or kdialog (depending on if you run GNOME or KDE) script that basically prompts the user for first their choice of server (if you have multiple DCs/ samba shares) and then asks them for their username and password then all the script does is run:

    thunar smb://$username:$password@server

    or

    nautilus smb://$username:$password@server

    or

    dolphin smb://$username:$password@server

    Before mounting the share it should warn the user to remember to log-off to unmount their share to prevent others accessing their otherwise private files.

    I'm sure someone will beat me to it as a zenity script to do this would be easily less than 30 lines worth of code - I'm busy today but I'll do it soon if no-one else does!
    Last edited by danboid; 13th February 2012 at 10:43 AM.

  15. #13

    Join Date
    Oct 2008
    Posts
    94
    Thank Post
    8
    Thanked 16 Times in 10 Posts
    Rep Power
    27
    Its also important to note that, with such a script there would be no real need for LDAP or AD auth. to be set up on the Linux box - if you don't mind any old person using said boxes you could just have a regular, non-root user set up with an easy password - logging out of such an account is enough to sever the connection to their smb share.

SHARE:
+ Post New Thread

Similar Threads

  1. Home Folder AD Redirection not working
    By jamiesev in forum Windows
    Replies: 0
    Last Post: 16th August 2011, 01:58 PM
  2. Replies: 19
    Last Post: 31st January 2011, 08:51 AM
  3. GPO for AD Terminal services profile and home folder
    By keogk in forum Windows Server 2000/2003
    Replies: 2
    Last Post: 2nd February 2010, 09:47 AM
  4. Students are installing IM apps to their home folder
    By bwallman in forum How do you do....it?
    Replies: 30
    Last Post: 20th December 2007, 05:31 PM
  5. Replies: 2
    Last Post: 1st August 2007, 10:59 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •