I would like get access to nfs- and cifs shares. Sssd is configured with ad provider. Is it possible to mount cifs share and nfs share on demand with sssd and autofs service?
Med venlig hilsen
Longina Przybyszewska Systemprogrammør, IT-service Tlf.
+45 6550 2359tel:+4565502359
Mobil
+45 6011 2359tel:+4560112359
Fax
+45 6550 2467
longina@sdu.dk
Web
http://www.sdu.dk/ansat/longina
Adr.
Campusvej 55, 5230 Odense M
[cid:image001.jpg@01CF1CEC.2D3373C0] ________________________________
Campusvej 55 · 5230 Odense M · Tlf. +45 6550 1000 · www.sdu.dkhttp://www.sdu.dk/
On Wed, Jan 29, 2014 at 11:24:09AM +0000, Longina Przybyszewska wrote:
I would like get access to nfs- and cifs shares. Sssd is configured with ad provider. Is it possible to mount cifs share and nfs share on demand with sssd and autofs service?
Med venlig hilsen
I think there are several questions here. SSSD can serve autofs maps for the automounter deamon, if the maps are stored in LDAP: https://fedoraproject.org/wiki/Features/SSSDAutoFSSupport
About the CIFS shares, what exactly is the use case? Currently SSSD "only" provides an ID mapping plugin so that SIDs can be mapped to IDs and names: https://fedoraproject.org/wiki/Changes/SSSD_CIFS_plugin
Use case is - we work towards policy, accessing any resources from any platform. All users get per automatic windows share. Additionally, Linux users have primary homedir as nfs mounted share with automount/autofs+ NIs. Some enterprise services have access only to windows share.
Linux desktops, running sssd with AD-provider should be able access both shares.
Best Longina -----Original Message----- From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of Jakub Hrozek Sent: 29. januar 2014 12:54 To: sssd-users@lists.fedorahosted.org Subject: Re: [SSSD-users] sssd-1.11.1 Saucy automount
On Wed, Jan 29, 2014 at 11:24:09AM +0000, Longina Przybyszewska wrote:
I would like get access to nfs- and cifs shares. Sssd is configured with ad provider. Is it possible to mount cifs share and nfs share on demand with sssd and autofs service?
Med venlig hilsen
I think there are several questions here. SSSD can serve autofs maps for the automounter deamon, if the maps are stored in LDAP: https://fedoraproject.org/wiki/Features/SSSDAutoFSSupport
About the CIFS shares, what exactly is the use case? Currently SSSD "only" provides an ID mapping plugin so that SIDs can be mapped to IDs and names: https://fedoraproject.org/wiki/Changes/SSSD_CIFS_plugin _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
This person was able to setup autofs with sssd and samba as their AD server.
https://www.mail-archive.com/sssd-users@lists.fedorahosted.org/msg00810.html
I haven't tried this, but in theory if you make the right settings in MS AD and in the config files for autofs and sssd, it should work pretty much the same.
Since you have to specify where the ou for the automount base is in the autofs config files, you don't actually need to make the automount ou at the base level, but it's up to you and your ad structure on where you want to put it. Then as long as you have krb5, ldap, and everything set right, it should work for
Chris
On Wed, Jan 29, 2014 at 4:06 AM, Longina Przybyszewska longina@sdu.dkwrote:
Use case is - we work towards policy, accessing any resources from any platform. All users get per automatic windows share. Additionally, Linux users have primary homedir as nfs mounted share with automount/autofs+ NIs. Some enterprise services have access only to windows share.
Linux desktops, running sssd with AD-provider should be able access both shares.
Best Longina
On 30/01/14 10:28, Chris Gray wrote:
This person was able to setup autofs with sssd and samba as their AD server.
https://www.mail-archive.com/sssd-users@lists.fedorahosted.org/msg00810.html
I haven't tried this, but in theory if you make the right settings in MS AD and in the config files for autofs and sssd, it should work pretty much the same.
Since you have to specify where the ou for the automount base is in the autofs config files, you don't actually need to make the automount ou at the base level, but it's up to you and your ad structure on where you want to put it. Then as long as you have krb5, ldap, and everything set right, it should work for
Chris
On Wed, Jan 29, 2014 at 4:06 AM, Longina Przybyszewska <longina@sdu.dk mailto:longina@sdu.dk> wrote:
Use case is - we work towards policy, accessing any resources from any platform. All users get per automatic windows share. Additionally, Linux users have primary homedir as nfs mounted share with automount/autofs+ NIs. Some enterprise services have access only to windows share. Linux desktops, running sssd with AD-provider should be able access both shares. Best Longina
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
Fame at last ;-)
Steve Sheriff wrote a Blog about this here: http://linuxcostablanca.blogspot.co.uk/2013/09/samba4-autofs-with-rfc2307bis...
Rowland
That was me. Yes, autofs works with sssd having AD backend (and using RFC2307 schema). No blushing. ________________________________ From: sssd-users-bounces@lists.fedorahosted.org [sssd-users-bounces@lists.fedorahosted.org] on behalf of Chris Gray [fathed@gmail.com] Sent: Thursday, January 30, 2014 11:28 AM To: End-user discussions about the System Security Services Daemon Subject: Re: [SSSD-users] sssd-1.11.1 Saucy automount
This person was able to setup autofs with sssd and samba as their AD server.
https://www.mail-archive.com/sssd-users@lists.fedorahosted.org/msg00810.html
I haven't tried this, but in theory if you make the right settings in MS AD and in the config files for autofs and sssd, it should work pretty much the same.
Since you have to specify where the ou for the automount base is in the autofs config files, you don't actually need to make the automount ou at the base level, but it's up to you and your ad structure on where you want to put it. Then as long as you have krb5, ldap, and everything set right, it should work for
Chris
On Wed, Jan 29, 2014 at 4:06 AM, Longina Przybyszewska <longina@sdu.dkmailto:longina@sdu.dk> wrote: Use case is - we work towards policy, accessing any resources from any platform. All users get per automatic windows share. Additionally, Linux users have primary homedir as nfs mounted share with automount/autofs+ NIs. Some enterprise services have access only to windows share.
Linux desktops, running sssd with AD-provider should be able access both shares.
Best Longina
sssd-users@lists.fedorahosted.org
-
Chris Gray -
Jakub Hrozek -
Longina Przybyszewska -
Ondrej Valousek -
Rowland Penny