Winbind in the Enterprise
PrevNext

6. Configure the Linux Client

6.1. Install the Software

You will need to install packages for Posix ACLs and automount. 


sudo apt-get install acl autofs

6.2. Build Custom Kernel (Optional)

If you chose not to add NFS ACL support to your file server, then you may safely skip this section. Otherwise, your Debian workstation will need a new kernel as well. If your workstation has similar hardware to the file server, try installing the server's kernel package that we built earlier. If this fails, rebuild a kernel for your workstation with the hardware support it needs. I suggest using the file server's configuration file as a starting point for the workstation build, as it will contain all of the file system options that we have already configured. Again, the important options here are NFS client ACL support, SMBFS support, and CIFS support.

6.3. Configure Automount

To mount user home directories at login, we need to configure the automount service. Open /etc/auto.master and add the following entry. 


/home	/etc/auto.home
This instructs the automount service to mount directories under /home/ according to the rules in /etc/auto.home. Replace /home with the parent directory of your Winbind home directories as specified in this step.

Open /etc/auto.home and add the following rule. 


*  -fstype=nfs,nolock,nosuid  fs-ip-address:/export/home/&
The & in this rule appends the username of the directory being accessed to the NFS mount path. If you were to login as battista, the automount service would mount /export/home/battista/ from the NFS server with IP address fs-ip-address to the directory /home/battista/. Notice that we've included the nolock option. Certain applications fail when accessing files over an NFS locking filesystem. This option appeases those applications.

At this point, I recommend that you create a local sudoer whose home directory lies somewhere outside of the /home directory tree. If something goes wrong and home directories suddenly fail to mount, you will have this local user to administer the appropriate changes[1]. 


sudo adduser --home /admin admin
sudo visudo
Once the sudoers file opens, copy the line for root and change the user to admin.

To activate these changes safely, reboot the workstation.

Notes

[1]

Of course you could also use the root account, but in general you should avoid working as root.

PrevHomeNext
Configure the File Server Configure the Windows Client