[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 922
  • Last Modified:

Ubuntu OpenLdap sync home directory from client to server

I have recently setup Ubuntu ldap client authentication on karmic and lucid desktop clients and the ldap server is running on an 10.04 LTS server and this is the links I followed for client setup and probably this also works for 11.04. I could able to login to clients with the ldap user accounts and also, on the clients I used an entry session required pam_mkhomedir.so umask=0022 skel=/etc/skel in pam.d/common-session to automatically create the home directory on client computers when the user logs in for the first time. I know there would be a way to synchronize the home directory from Client to Server so that users have their documents on client and as well as on server.

I have to setup the following:
1. Synchronize the home directory from client to server so that users have their documents on both client and server.
2. Some kind of setup which allow to login and work offline even when the LDAP server is not reachable or down.

Anybody could instruct me please?, Thank you!
0
Thyagaraj03
Asked:
Thyagaraj03
  • 7
  • 6
3 Solutions
 
Christopher Raymond MendozaCommented:
Hello, are you planning to mimic the 'Enable offiline files' feature of windows?
0
 
Thyagaraj03Author Commented:
Exactly, I thought so if possible, like we do for shared folders. And also I'm not sure of the 2nd point if it's possible.
0
 
Thyagaraj03Author Commented:
like a roaming profile in windows(ofcourse I never go it working perfectly), but especially I want the home directories to be synchronized to or from server and so anybody can login to any machine and have their documents and files.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
Christopher Raymond MendozaCommented:
So far the best we have done is mount a share after login via scripts and features. The share itself is hosted thru samba in one of our servers.

Certain folders, such as Documents and .purple, are then symlinked from the said share into the home folder. We had to do this since some files, such as those in the .config folder are dependent on the hardware (and OS version) being used, which sometimes cause unpredictable results.

We did not proceed to the sync part since our company setup makes it it is less efficient. I think I can try to find the packages needed should you be interested in our setup.
0
 
Thyagaraj03Author Commented:
I am interested if the clients doesn't give me trouble every time as you excellently pointed hardware issue. And Samba.... I am not sure of editing ldap server config files again because I am never successful in recovering the corrupted ldap configs and everytime I had to revert the VM and do it again. So if it requires major changes to ldap configs on server, it probably won't interest me unless I get some expert knowledge on ldap. Try your best, I try to imitate you if it's feasible by me.

Thanks you!
0
 
Christopher Raymond MendozaCommented:
Hello Thyagaraj03,

I will send you the details as soon as I reach the office, probably in 12 hours. It is still  night time here.

Have a nice day.
0
 
Christopher Raymond MendozaCommented:
Hello Thyagaraj03,

As promised.

We use pam_mount to automatically mount the home folder share from a samba server:
    http://www.zdnetasia.com/using-pammount-to-automount-filesystems-at-login-62049948.htm
    http://linux.die.net/man/8/pam_mount

We also included scripts in /etc/profile.d to automatically run certain tasks such as:
    - creation of symlinks to specific folders such as Documents
    - reset gnome panel (a lot of users mess up their panels)
    - restore company wallpaper

I hope this helps.
0
 
Thyagaraj03Author Commented:
Hello crdmendozanet!

Thanks a lot for your interest. I am not sure what all the entries to include in which files. Trying to read and understand from the link provided. And on the other side, how about using the autofs?
0
 
Christopher Raymond MendozaCommented:
Hello Thyagaraj03,

We basically just installed pam_mount and modified the file /etc/security/pam.nount.conf.xml to mount shares according to our needs, specifically this part:

<volume fstype="cifs" server="server.example.com" path="ubuntu_homes" mountpoint="/home/%(USER)/.server_share"/>
<umount>umount /home/%(USER)/.server_share</umount>

Open in new window


The above tells pam_mount to use the user's login credentials, the username and password, to connect to ubuntu_homes shared thru samba (cifs) on the server server.example.com, and mount it as .server_sharein the user's home folder.

We then added a script named /etc/profile.d/custom.sh to do the links. It looks something like this:

#!/bin/bash

ln -sf "$HOME/.server_share/Documents" "$HOME/Documents"
ln -sf "$HOME/.server_share/.purple" "$HOME/.purple"


We did try to use autofs, but unfortunately the user needs to access the mount folder first before it is auto-mounted. We need something that mounts as soon as the user logs in.

I was able to use autofs in a smaller network though. Less than 10 computers actually. But it is not as stable as I would like.

Regards,
0
 
Thyagaraj03Author Commented:
Thank you!, I could do some of the things. One thing I'm very much interested are what you said,

- reset gnome panel (a lot of users mess up their panels)
- restore company wallpaper

could you tell me how to do that or instruct me, is that only possible with pam_mount?
0
 
Christopher Raymond MendozaCommented:
Hello Thyagaraj03,

Apologies for not replying earlier, I have rarely been online for the past weeks.

I will send you the scripts for the above functionalities as soon as I return to my desktop, hopefully next week.

No, it does not require pam_mount. We usually place the scripts in /etc/profile.d. In effect, the said scripts are automatically run whenever a user logs in, just like the Startup folder in Windows.

Regards,
0
 
Thyagaraj03Author Commented:
Hello,

Happy to hear from you again. I'll wait for your reply, I'll come back here again next week as you said.
Thank you very much!!
0
 
Christopher Raymond MendozaCommented:
Hello Thyagaraj03,

Have you tried using gconf-editor and gconftool-2? If so, the codes below would be a lot easier to comprehend.

We started by tweaking the panel(s), screensaver, wallpaper, colors and and themes to match our preferences. We also used gconf-editor to prepare the default schema for the panels.

We then used gconftool-2 with the --dump option to save our preferences to a file named default.entries in /usr/share/my_stuff/.

We then included a script similar to this in /etc/profile.d:
#!/bin/bash

gconftool-2 --recursive-unset /apps/panel
gconftool-2 --load /usr/share/my_stuff/default.entries

Open in new window


So whenever a user logs in, the following happens:
1. the panel is removed
2. the customized settings we saved in the file default.entries are loaded

I am sorry I can not be more specific, it has been a while so I can only describe what I can still remember.

Still, I hope this helps.

Regards,
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now