Thanks for the replies.
I made some progress but not the whole way there just yet. I’m pretty sure it has to do with something I did.
So I followed this how-to but it did not work for me. I made the changes from this support request, and still no luck.
This is where I am:
The AD is:
ad.nethserver.lan
The AD IP is:
10.0.0.3
The user folders get created in the correct folder (/var/lib/nethserver/home) when I test my settings with:
su myusername@nethserver.lan
I can find the folder on my NS server, it resides at /var/lib/nethserver/home
I can not access the folder on the AD IP ( 10.0.0.3 ) if I mount it manually.
However, if I mount the IP of my Green port (10.0.0.2) and log in using my login details, I can access the folder (myusername@nethserver.lan with the correct password).
Where I think I messed up:
Looking at the output of:
local@client02:~$ su myusername@nethserver.lan
Password:
(mount.c:72): Messages from underlying mount program:
(mount.c:76): mount error(2): No such file or directory
(mount.c:76): Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
(pam_mount.c:522): mount of myusername@ad.nethserver.lan failed
Invalid user name
su: failed to execute /usr/libexec/openssh/sftp-server: No such file or directory
Invalid user name
(mount.c:72): umount messages:
(mount.c:76): umount: /home/myusername@ad.nethserver.lan: no mount point specified.
(mount.c:886): unmount of myusername@ad.nethserver.lan failed
The ad.nethserver.lan part of the domain seems to be part of the issue, and hopefully hints at where I messed up, to someone who knows what they are doing.
This is what I have added to /etc/security/pam_mount.conf.xml (I have played around with both IP addresses, with the same result):
<volume user="*" fstype="cifs" server="10.0.0.3" path="%(DOMAIN_USER)" mountpoint="/home/%(DOMAIN_USER)" options="nosuid,nodev" />
<mkmountpoint enable="1" remove="true" />
And this is my /etc/sssd/sssd.conf:
[sssd]
domains = ad.nethserver.lan
config_file_version = 2
services = nss, pam
debug_level = 0

[domain/ad.nethserver.lan]
default_shell = /bin/bash
krb5_store_password_if_offline = True
cache_credentials = True
krb5_realm = AD.NETHSERVER.LAN
realmd_tags = manages-system joined-with-adcli
id_provider = ad
fallback_homedir = /home/%u@%d
ad_domain = ad.nethserver.lan
use_fully_qualified_names = True
ldap_id_mapping = True
access_provider = ad
debug_level=0
Please tell me that I’ve committed a really simple mistake.