LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Linux AD user folder server (http://www.linuxquestions.org/questions/linux-server-73/linux-ad-user-folder-server-934336/)

Droa 03-14-2012 12:00 AM

Linux AD user folder server
 
Hey Guys.

i was wondering, is there any way to make a AD user folder server?

the AD is on a Windows Server 2008.. however the bandwith to the AD is slow, and overpopulated, as there are 52.000 computers on the network.

we been having issues with Windows Clients, that they download policies for 20 minutes to 1 hours, when logging in..
so we changed our Client Base to linux machines at our local building, to fasten up the login time.

now we really miss the Personal Data Folders, for Desktop settings, and icons / http bookmarks.

now i have an idea, to download the userfolder from a Local User Folder Server, however to keep our folders private, i wanted them to get validated access from the AD.

is there any way to do this?

trickykid 03-14-2012 10:12 AM

Are you wanting what most would call roaming profiles? So when a user logs into another machine, his personal settings go with him but on Linux instead of windows?

Droa 03-14-2012 10:56 AM

Quote:

Originally Posted by trickykid (Post 4626638)
Are you wanting what most would call roaming profiles? So when a user logs into another machine, his personal settings go with him but on Linux instead of windows?

THAt is correct

Atari911 03-14-2012 10:36 PM

You could just setup the user profile folder to be on a network disk.

elfenlied 03-14-2012 10:45 PM

Roaming profiles are very very (very) messy. If you can avoid using them do so at all costs, you're better off using folder redirection which can be done with group policy. Redirect things such as My Documents, Favourites to a network drive and lock down the desktops so people can't save documents on there, this will avoid having large profile directories which quite honestly have so much issues.

Roaming profiles can be located on any server specifying a UNC path so if you setup samba on a linux box to host your profiles (if you really want the headache) then it can be done.

Droa 03-14-2012 10:57 PM

Quote:

Originally Posted by elfenlied (Post 4627036)
Roaming profiles are very very (very) messy. If you can avoid using them do so at all costs, you're better off using folder redirection which can be done with group policy. Redirect things such as My Documents, Favourites to a network drive and lock down the desktops so people can't save documents on there, this will avoid having large profile directories which quite honestly have so much issues.

Roaming profiles can be located on any server specifying a UNC path so if you setup samba on a linux box to host your profiles (if you really want the headache) then it can be done.

so there are no way to validate users have access do the folders? the big problem is, that people seems to access eachothers profiles folders, and look trough thair files on the samba server i currently have. as they all use the same samba user.

elfenlied 03-14-2012 11:00 PM

Yes there is, you can have the samba server even join the domain as a member server and apply permissions to AD users and groups.

Droa 03-14-2012 11:05 PM

Quote:

Originally Posted by elfenlied (Post 4627036)
Roaming profiles are very very (very) messy. If you can avoid using them do so at all costs, you're better off using folder redirection which can be done with group policy. Redirect things such as My Documents, Favourites to a network drive and lock down the desktops so people can't save documents on there, this will avoid having large profile directories which quite honestly have so much issues.

Roaming profiles can be located on any server specifying a UNC path so if you setup samba on a linux box to host your profiles (if you really want the headache) then it can be done.

we have no windows machines at all in the house, we only use linux, the reason why the AD server is a Windows machine, is becasue the maine corp uses that to control the network domain and users.. so we dont have direct access to channg users policies..
we do have a profile folder on the wondows domain, but its a 50MB connection shared to alot of computers, so we never use thouse folders.
and as fare as i know, linux ignores policies dictated by the windows domain, for the local PC setup

Droa 03-14-2012 11:07 PM

Quote:

Originally Posted by elfenlied (Post 4627052)
Yes there is, you can have the samba server even join the domain as a member server and apply permissions to AD users and groups.

thank you so mutch, thats all i needed the know.

so i just setup the linux server, as i did with my linux client, when i joined them?

however, currently i use Samba as the domain client, and it seems to only make a UID and GUID when a user have been logged in once.. does that mean i need every person to make a login, before i can give them a folder on the server?


All times are GMT -5. The time now is 11:02 AM.