[COLUG] ActiveDirectory integration: home directories
Joseph Fannin
jhf at columbus.rr.com
Wed Aug 23 18:16:57 EDT 2006
On Wed, 2006-08-23 at 08:33 -0400, Scott Merrill wrote:
> We're in the process of building a new Windows Active Directory domain
> using Windows Server 2003 R2. We want to have a lab populated with
> Linux machines, which will be deployed via Kickstart, and integrated
> into the AD. I have Kickstart working, and I've successfully tried
> several of the AD integration options (winbind, plain ol' kerberos+LDAP)
> and account _authentication_ seems to be working fine so far.
>
> We want to provide a single home directory for our students in addition
> to single sign-on; so that the student's resources are available from
> any machine they choose to use. This is proving to be the problem.
>
> The home directories for our test implementation reside on our AD
> controller. I've shared the home folder (C:\Home) as both a CIFS share
> and an NFS share (using Windows NFS services bundled with Win2K3 R2).
> The RHEL workstation can mount the NFS share, but cannot see any of the
> contents of that share:
> [root at rhel ~]# mount fqdn.ad.example.com:/Home /mnt
> [root at rhel ~]# ls /mnt
> ls: /mnt: Permission denied
Ok, dumb question -- how are the Unix UIDs mapped to Windows?
Being root on the linux box doesn't mean you have any permissions on
the Windows NFS share -- in fact, I'd sort of expect it to give you less
than with a "normal" UID (assuming some sort of UID mapping is in
place).
More information about the colug432
mailing list