Differences

This shows you the differences between two versions of the page.

--- ubuntu:desktop_ad_intergration [2013/12/11 12:37]
tschulz [Link Home Dir Script]
+++ ubuntu:desktop_ad_intergration [2013/12/11 14:15]
tschulz [Link Home Dir Script]
@@ Line 17: / Line 17: @@
 ===== Active Directory Authentication =====
 We will be using Samba or more specifically winbind to authenticate/lookup user via pam
-First we need to make a /etc/samba/smb/conf
+First we need to make a /etc/samba/smb/conf.  This is a example smb.conf be sure to change **workgroup** and **realm**
 <file config smb.conf>
 [global]
@@ Line 75: / Line 75: @@
 ===== Setup share mounting (Pam Mount) =====
-Here is a complete pam_mount config the most important statements are the four volume line that mount the various shares for each user
+Here is a complete pam_mount config the most important statements are these four lines that mount the various shares for each user<file>
+<volume options="uid=%(USER),gid=100" user="*" mountpoint="~/.mnt/public" path="public" server="cfs.sebekaschools.net" fstype="cifs" />
+<volume options="uid=%(USER),gid=100" user="*" mountpoint="~/.mnt/wpkg" path="wpkg" server="cfs.sebekaschools.net" fstype="cifs" />
+<volume options="uid=%(USER),gid=100" user="*" mountpoint="~/.mnt/%(USER)-ffs" path="User Data/%(USER)" server="ffs.sebekaschools.net" fstype="cifs" />
+<volume options="uid=%(USER),gid=100" user="*" mountpoint="~/.mnt/%(USER)-sfs" path="User Data/%(USER)" server="sfs.sebekaschools.net" fstype="cifs" />
+</file>
 <file xml /etc/security/pam_mount.conf.xml>
 <?xml version="1.0" encoding="utf-8" ?>
@@ Line 124: / Line 129: @@
 </file>
 ==== Link Home Dir Script ====
-This is a script that links a users network home directory to a bookmark and nautilus or nemo.  It is designed to be run at login
+This is a script that links a users network home directory to a bookmark and nautilus or nemo.  It is designed to be run at login.
+  * Save script to **/scripts** and **chmod 755 /scripts/link_h.sh**
 <file bash /scripts/link_h.sh>
 #!/bin/sh
@@ Line 186: / Line 192: @@
 ===== Automatic Home Directory creation and skeleton Directory setup  =====
+This is a full common-session pam file the only change is this line <file>
+session required			pam_mkhomedir.so	skel=/etc/skel/ umask=0077</file>
+Notice that we are using /etc/skel for a skeleton dir.
+<file pam /etc/pam.d/common-session>
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+# here are the per-package modules (the "Primary" block)
+session	[default=1]			pam_permit.so
+# here's the fallback if no module succeeds
+session	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session	required			pam_permit.so
+session required			pam_mkhomedir.so	skel=/etc/skel/ umask=0077
+# The pam_umask module will set the umask according to the system default in
+# /etc/login.defs and user settings, solving the problem of different
+# umask settings with different shells, display managers, remote sessions etc.
+# See "man pam_umask".
+session optional			pam_umask.so
+# and here are more per-package modules (the "Additional" block)
+session	required	pam_unix.so
+session	optional			pam_winbind.so
+session	optional	pam_mount.so
+session	optional			pam_ck_connector.so nox11
+# end of pam-auth-update config
+</file>
+Dowload {{:ubuntu:skel.tar|}} and extract it to /etc/skel e.g.
+<file>
+wget http://wiki.sebeka.k12.mn.us/_media/ubuntu:skel.tar
+tar xvf skel.tar -C /etc/skel
+</file>
 ===== Configure Lightdm for Network logins =====
+This is a full lightdm.conf.  I made two changes.
+  - I changed **user-session to ubuntu-2d** because it's a lot nicer on older hardware.
+  - I added **greeter-show-manual-login=true** to allow login of network users.
+<file config /etc/lightdm/lightdm.conf>
+[SeatDefaults]
+greeter-session=unity-greeter
+user-session=ubuntu-2d
+greeter-show-manual-login=true
+greeter-hide-users=true
+</file>

ISD 820 Knowledge Base

User Tools

Site Tools

Differences

Page Tools