Attribute to pick up a server?

Hi list,

I've asked on pam_mount list but it seems I'd better try here.

I've configured ubuntu stations to authenticate with openLDAP and
mount home directories with pam_mount. It works well but...

There are 2 (geographical) places with one server on each. Each server
holds CIFS home directories. Each user has its home only on *one*
server, not both. There are ubuntu stations on both places.

I would like, wherever a user logs in, that he can access his home
directory on the right server, but I need to tell pam_mount on which
server the CIFS share is.
I would like to store this information in LDAP, retrieve it thanks
pam_ldap when the user logs in, so pam_mount can use it (like
homeDirectory for instance).

Retrieving the name server that shares the user's home directory is a
job for pam_ldap, isn't it?
Is there any LDAP attribute designed for this purpose?
Is it implemented in pam_ldap?

If it is not, do you know a way to make pam_ldap to retrieve a LDAP
attribute and export it into an environment variable?


Thank you for your help

--
Maxime CHARPENNE
Université d'Avignon et des Pays de Vaucluse - CRI
Tél. : +33 4 90 16 26 05

getent (the one which gives to you your $HOME) syscal is provided by nss, in this case nss_ldap
maybe you should take a look to autmount, somehow modified for cifs servers.....


----- Original Message -----
From: "Maxime" <maxime.charpenne@...>
To: pamldap@...
Sent: Friday, May 22, 2009 7:15:49 AM (GMT-0300) Auto-Detected
Subject: [pamldap] Attribute to pick up a server?

Hi list,

I've asked on pam_mount list but it seems I'd better try here.

I've configured ubuntu stations to authenticate with openLDAP and
mount home directories with pam_mount. It works well but...

There are 2 (geographical) places with one server on each. Each server
holds CIFS home directories. Each user has its home only on *one*
server, not both. There are ubuntu stations on both places.

I would like, wherever a user logs in, that he can access his home
directory on the right server, but I need to tell pam_mount on which
server the CIFS share is.
I would like to store this information in LDAP, retrieve it thanks
pam_ldap when the user logs in, so pam_mount can use it (like
homeDirectory for instance).

Retrieving the name server that shares the user's home directory is a
job for pam_ldap, isn't it?
Is there any LDAP attribute designed for this purpose?
Is it implemented in pam_ldap?

If it is not, do you know a way to make pam_ldap to retrieve a LDAP
attribute and export it into an environment variable?


Thank you for your help

--
Maxime CHARPENNE
Université d'Avignon et des Pays de Vaucluse - CRI
Tél. : +33 4 90 16 26 05

Gustavo Panizzo <gfa> a écrit le 25.05.2009 01:37:
> getent (the one which gives to you your $HOME) syscal is provided by nss, in this case nss_ldap
> maybe you should take a look to autmount, somehow modified for cifs servers.....
Thanks for your reply. You made me read more doc about automount.

Auto.master and its key feature would have been great in my case. As I
use CIFS shares, I need to provide user password to mount.

I've seen to ways to provide password to mount.cifs:
 - plaintext password files for credentials option but it's dirty
(password in clear text... LDAP is more appropriate for that) and
unmaintable (several thousands users).
 - the PASSWD environment variable but my users can't be aware of this
security weakness. I would prefer a SERVER env variable...

Password is an issue with automount.

Pam_mount handles user password (and it is designed for as it is a PAM
module). I need a LDAP attribute specifying the CIFS share server name
(something like automountInformation). Do you know something about that?


Anyway, thanks for reading this.

--
Maxime CHARPENNE
Université d'Avignon et des Pays de Vaucluse - CRI
Tél. : +33 4 90 16 26 05