Installing a test client

  1. For client machines as well, we have an unattended install, which preinstalls the Samba client. These substeps list only some Samba-specific parts of the installation.

  2. Mounting the homedirectory is done through pam_mount. /etc/pam.d/common-auth (or its replacement), should contain:

    auth [default=done] action=validate use_first_pass
    auth [default=ignore] expose_authtok /usr/sbin/
    auth [default=ignore]
    auth [default=done] action=store
    auth [default=bad] action=update

    The second line temporarily syncs the Samba password hash to the LDAP server, the third mounts the home directory. The pam_ccreds lines are for caching of password hashes in case of network downtime. The mount is configured in /etc/security/pam_mount.conf.xml:

    <?xml version="1.0" encoding="utf-8" ?>
    <!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
                    <!-- Volume definitions -->
                    <!-- pam_mount parameters: General tunables -->
    <debug enable="0" />
    <volume fstype="cifs" server="" path="%(USER)" mountpoint="/home/%(USER)" options="serve\
    <luserconf name=".pam_mount.conf.xml" />
    <mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
    <mntoptions require="nosuid,nodev" />
    <logout wait="0" hup="0" term="0" kill="0" />
                    <!-- pam_mount parameters: Volume-related -->
    <mkmountpoint enable="0" remove="false" />