| 1 |
Has anyone here had experience using pam_mount with a kerberos/Active Directory environment? I've been using Samba winbind to authenticate users on our linux workstations to our Windows Active Directory domain. Their home directories were created on login, on the local machine, via pam_mkhomedir. That all works fine by itself. Now I would like to take this one step further and have /home mounted from a remote windows share, still using pam_winbind and pam_mkhomedir for the usual functions. I've been working through it and progress has been pretty slow. I've had trouble getting the order of the modules correct in system-auth, and getting pam_mkhomedir to create the home directories on the remote shares. I'm certain the permissions are fine, and I can get the remote share mounted. The furthest I got was having the remote share mounted as home, and then X crashed and wrote errors to the share, because pam_mkhomedir failed to copy the skeleton home directory. Even when I got that far, I don't think I had the pam modules configured in the right order. I've had a lot of odd issues like getting prompted twice for passwords, getting prompted for the password before the username, ...obviously I'm not getting the order of the modules correct and sorting out what is and isn't necessary! Anyway, if anyone has something like this working and can give me a sample system-auth I would definitely appreciate it. I've looked through the pam documentation and it just hasn't helped me much so far, and the examples they had on the pam_mount website didn't help much either. |
Archives