Cifs on nethserver 7

migrate
migration
v6
v7
openldap

(Wolfgang Höfer) #1

NethServer Version: 7
Module: samba
Hi,

it’s been a rather long time, nethserver 6 running like charm … now working on an upgrade to
V7 on my network. Could it be, that it is no longer possible to mount the (home) directories via cifs,
if I use LDAP? This would be a very very big problem for me (and possibly the end of Nethserver in
my network! ), because i run a pure linux-Network and don’t want to use “things” like likewise (or the
followup-product)

Regards
Wolfgang


(Markus Neuberger) #2

Hi @Wolfgang_Hofer,

Yes, I tried it and with NS6 you could share cifs home folders next to openldap. It seems CIFS moved completely to the AD part in NS7 except of guest shares, which makes sense IMO. Do you have to use LDAP as it should work with AD without likewise etc:

Nooo, I’m sure we will find a better solution :slight_smile:


(Rob Bosch) #3

If you run linux-only, WHY would you want CIFS?
Use nethserver-nfs to share your docs…


(Wolfgang Höfer) #4

Hi,

NFS would have been my first choice when i tried N6 two years ago, but didn’t manage to get
it working. There was no documentation related to this topic :frowning:
That was the reason, i used cifs. One thing i like now about cifs, is that not all folders are mounted for
every user. It depends on the group-memberships of the user. I don’t think, that’s possible with NFS.

I will give i a try, but it will have to wait a week or two :frowning:

But thank you for the link!

Regards
wolfgang


(Wolfgang Höfer) #5

Hi,
I will try this way in the next few days, but i don’t know, if I can migrate the old LDAP-Database in an AD-Tree.
Btw: “Neuberger” sounds german? Right? Could make it simpler, when talking about Details :slight_smile:

Regards
Wolfgang


(Markus Neuberger) #6

That’s right, I am from Vienna, Austria but we should try to keep it English so others may also be able to read it and maybe help.


(Wolfgang Höfer) #7

No Problem - it’s just for the case :slight_smile:
My location is Passau …

Do you know if the authentication-provider can be migrated to each other?
It’s a question of a “Systemchange without downtime” and I have to limit the
work for me - I’m just a “one-man show” :frowning: and have to do this job parallel
to my “real” job …


(Markus Neuberger) #8

I didn’t try it as I started with NS 7 but it should be possible:

http://docs.nethserver.org/en/v7/upgrade.html#accounts-provider


(Michael Träumner) #9

What is about using a logon-script?


(Wolfgang Höfer) #10

Hi,

for the nfs-mount?

I have two problems with this solution :slight_smile:

  1. ( can be elabrated) … when has th script to be run for a succesfull login
    Is /etc/xdg/autostart too late? If yes, where should it be located?

  2. (worse) Different users may have access to different shares on /var/lib/nethserver/ibay. With cifs that works out of the box, with a login script I’ll have do customize for each user - or do you have an idea for a "universal"
    login-script?

Regards
wolfgang


(Michael Träumner) #11

I didn’t think about your clients. With RSAT tool you can lodge a logon script for every user at AD, but I don’t know if linux clients could work with this.

The solution for windows clients is from @mrmarkuz

How do I setup logon.bat scripts for my AD users?

Perhaps Markus knows something more about it.


(Wolfgang Höfer) #12

RSAT ist for windows - not for “my world” :slight_smile:
but thank’s
For me it is the question “have i really to switch over to AD or can I use a pure Linux-solution like openldap”.
(would be “poor” if the Linux-World has to use AD for a working infrastructure)


(Markus Neuberger) #13
  • You may keep LDAP and use NFS while setting network access for samba in network services to none. This way you won’t have samba guest shares in your network but are still able to use NFS, you could authenticate via openldap and configure NFS share access through IP and GID. It’s explained in the NFS links already posted.

  • You may change to AD and use CIFS which allows ACLs.

http://docs.nethserver.org/en/v7/accounts.html#choosing-the-right-account-provider