CIFS Service Autohome Shares (November 9, 2007)

Since the topic of SMB autohome shares came up ...

SMB autohome shares resulted from a customer request to make managing home directory shares easier. This particular customer had around 2000 users connecting to home directories on a server and the actual request was for help in scripting a management interface. Automatic sharing turned out to be a better solution.

The SMB autohome map provides a means to automatically share a directory when a user connects and unshare it when the user disconnects. SMB autohome shares are typically used to share home directories, in which case the share is filtered when viewed via CIFS so that it is only visible to the user whose username matches the share name. By default, the SMB autohome map is /etc/smbautohome, with a syntax that is similar to that used with the automounter, although the services are not related.

A map entry takes the form shown below, where key is a username, location is the fully qualified path for the user's home directory and container is an optional Active Directory Service (ADS) container.

  • key location [container]

As with regular shares, autohome shares can be published in Active Directory. The ADS container is specified as a comma-separated list of attribute=value pairs using LDAP distinguished name (DN) or relative distinguished name (RDN) format. The DN or RDN must be specified in LDAP format using the ou=, cn= and dc= prefixes as indicated below:
  • cn=common name
  • ou=organizational unit
  • dc=domain component

cn=, ou= and dc= are attribute types. The attribute type used to describe an object's RDN is called the naming attribute. For ADS, the naming attributes include the following:
  • cn for the user object class
  • ou for the organizational unit (OU)
  • dc for the domainDns object class

Map Key Substitution

The location field contains a directory path in which the ampersand (&) and question mark (?) act as substitution characters to simplify map entries. Ampersands are expanded to the value of the key and question marks are expanded to the first character of the key. In the following example, the path would be expanded to /home/jj/jane.
  • jane /home/??/&

Wildcard Key

An asterisk (*) can be used as the key, which is recognized as the catch-all entry. Such an entry will match any key not previously matched. For example, the following entry would map any user to a home directory in /home in which the home directory name is the same as the username.
  • * /home/&

Note that the wildcard rule will only be applied if an appropriate rule cannot be found in any other map entry.

NSSwitch Map

The nsswitch special map can be used to request that the home directory be obtained from a name service passwd database. An ADS container can be appended, which will be used to publish shares.
  • +nsswitch [container]

The nsswitch map will only be searched if an appropriate rule cannot be found in any other map entry, including the wildcard rule. The wildcard and nsswitch rules are therefore mutually exclusive: an nsswitch rule will have no effect if a wildcard rule has been defined.
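
The lookup order and key substitution described above, modelled as an added example (this is not code from the CIFS service or from the original post). The function names, the sample maps, the dc=example,dc=com container and the PASSWD dictionary standing in for the name service are all assumptions made for illustration.

```python
# Added example: models the lookup rules in this post; not the CIFS service's code.
SAMPLE_MAP = """\
jane /home/??/& ou=homes,dc=example,dc=com
* /home/&
+nsswitch
"""  # constructed map; the container value is a placeholder
NSS_MAP = "jane /home/??/&\n+nsswitch ou=homes,dc=example,dc=com\n"  # no wildcard
PASSWD = {"bob": "/export/home/bob"}  # constructed stand-in for the passwd database


def parse_map(text):
    """Parse 'key location [container]' lines into {key: (location, container)}."""
    entries = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if not parts:
            continue
        key, rest = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        if key == "+nsswitch":  # '+nsswitch [container]' has no location field
            entries.setdefault(key, (None, rest or None))
            continue
        fields = rest.split(None, 1)
        if fields:  # assumption: the first entry seen for a key is kept
            entries.setdefault(key, (fields[0], fields[1] if len(fields) > 1 else None))
    return entries


def expand(location, key):
    """Single pass: '&' becomes the key, '?' becomes the key's first character."""
    return "".join(key if c == "&" else key[0] if c == "?" else c for c in location)


def resolve(entries, user, passwd):
    """Return (path, container) or None; order is exact key, then '*', then +nsswitch."""
    if not user or "/" in user or user in ("*", "+nsswitch"):
        return None  # this example's own sanity check, not a rule from the post
    for key in (user, "*"):
        if key in entries:
            location, container = entries[key]
            return expand(location, user), container
    if "+nsswitch" in entries and user in passwd:
        return passwd[user], entries["+nsswitch"][1]
    return None


if __name__ == "__main__":
    for name in ("jane", "bob"):
        print(name, resolve(parse_map(SAMPLE_MAP), name, PASSWD),
              resolve(parse_map(NSS_MAP), name, PASSWD))
```

With SAMPLE_MAP the +nsswitch line is never consulted because the wildcard entry matches first; with NSS_MAP a user with no explicit entry falls through to the passwd lookup.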
SMB BLOG - originally published by amw
