Difference between revisions of "Linking to Active Directory Home Directories using CentrifyDN"

m
m
 
(3 intermediate revisions by the same user not shown)
Line 2: Line 2:
  
 
''' * Disclaimer: I did not create (write) this script, or have I tested this well. Please change any errors or omissions in these instructions! * '''
 
''' * Disclaimer: I did not create (write) this script, or have I tested this well. Please change any errors or omissions in these instructions! * '''
 +
 +
''' * Disclaimer 2. : These instructions on this part *do not work*; I need to create scripts to fix some issues to make this work. Please be patient or create your own scripts to make this section work '''
  
  
Line 18: Line 20:
 
''' 2. Create Script with adhome.pl based on article above and place in /usr/bin/adhome.pl '''
 
''' 2. Create Script with adhome.pl based on article above and place in /usr/bin/adhome.pl '''
  
 +
''' OPEN TERMINAL with Ctrl-T if it is not already open '''
  
 
     sudo -i
 
     sudo -i
Line 23: Line 26:
 
     nano /usr/bin/adhome.pl
 
     nano /usr/bin/adhome.pl
 
''' 2a. Copy the Shell Script into adhome.pl '''
 
''' 2a. Copy the Shell Script into adhome.pl '''
   
+
 
    <nowiki>#!/bin/sh /usr/share/centrifydc/perl/run
+
  #!/bin/sh /usr/share/centrifydc/perl/run
    # This script uses ldap to fetch user homeDirectory from AD  
+
  #This script uses ldap to fetch user homeDirectory from AD  
    # and mount/umount by smbmount and smbumount</nowiki>
+
  #and mount/umount by smbmount and smbumount
    <nowiki>use strict;</nowiki>
+
       
    <nowiki>#use MIME::Base64;</nowiki>
+
  use strict;
    <nowiki>use File::Spec;</nowiki>
+
  use File::Spec;
    <nowiki># get base dn</nowiki>
+
     
    <nowiki>my $zone_base = `cat /va/centrifydc/kset.zonename`;</nowiki>
+
  my $zone_base = `cat /var/centrifydc/kset.zonename`; # changed va to var
    <nowiki>#get user CN</nowiki>
+
       
    <nowiki>my $cn = `adquery user -D ${ARGV[0]} | cut -d, -f1`;</nowiki>
+
  my $cn = `adquery user -D ${ARGV[0]} | cut -d, -f1`;
    <nowiki>#print $cn;</nowiki>
+
     
    <nowiki>my @cn = split(/\n/,$cn);</nowiki>
+
  my @cn = split(/\n/,$cn);
    <nowiki>#ldap search</nowiki>
+
 
    <nowiki>#search for the homeDirectory attribute of user in AD in autozone mode</nowiki>
+
  my $ldap = `/usr/share/centrifydc/bin/ldapsearch -Q -H "LDAP://" -b "$zone_base"  -LLL "(@cn)" homeDirectory | grep homeDirectory | cut -d: -f2 | sed 's:\\\\:/:g' `;
    <nowiki>#also cut the path out and change backward slash to forward slash</nowiki>
+
 
    <nowiki>my $ldap = `/usr/share/centrifydc/bin/ldapsearch -Q -H "LDAP://" -b "$zone_base"  -LLL "(@cn)" homeDirectory | grep homeDirectory | cut -d: -f2 | sed 's:\\\\:/:g' `; <\nowiki>
+
  my @line = split(/\n/, $ldap);
    <nowiki>#print $ldap;<\nowiki>
+
 
    <nowiki>#split the output into single line</nowiki>
+
  if (@line )
    <nowiki>my @line = split(/\n/, $ldap);</nowiki>
+
  {
    <nowiki>#print @line;</nowiki>
+
      if(${ARGV[2]} eq "mount")  
    <nowiki>#if ldapsearch result is not blank</nowiki>
+
      {
    <nowiki>if (@line )</nowiki>
+
 
    <nowiki>{</nowiki>
+
      my $mount = `smbmount @line ${ARGV[1]} -o sec=krb5i`;
    <nowiki>if(${ARGV[2]} eq "mount") {</nowiki>
+
    
    <nowiki>#mount the homeDirectory with smbmount command on mountpoint with kerberos ticket</nowiki>
+
      }
    <nowiki>my $mount = `smbmount @line ${ARGV[1]} -o sec=krb5i`;</nowiki>
+
  }
    <nowiki>#   print "mount";</nowiki>
+
 
    <nowiki>  }</nowiki>
+
  if(${ARGV[2]} eq "umount" )
    <nowiki>}</nowiki>
+
  {
    <nowiki>#if argument3 is umount will umount the share</nowiki>
+
 
    <nowiki>if(${ARGV[2]} eq "umount" ){</nowiki>
+
     my $mount = `smbumount ${ARGV[1]}`;
     <nowiki>my $mount = `smbumount ${ARGV[1]}`;</nowiki>
+
    
    <nowiki>#   print "umount"</nowiki>
+
  }
    <nowiki>}<\nowiki>
+
 
 +
''' -- WORK IN PROGRESS -- '''
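Review bot: Every external command in the new-side script is a backtick string, so `${ARGV[0]}`, `${ARGV[1]}` and the directory-derived `@cn` / `@line` are parsed by /bin/sh before adquery, ldapsearch, smbmount or smbumount see them. The script is installed from a `sudo -i` shell into /usr/bin and is presumably run with root privileges at login, so those values should reach the helpers as single arguments. List-form calls such as `system('smbmount', $share, $ARGV[1], '-o', 'sec=krb5i')` do that without a shell. `$zone_base` also keeps the trailing newline returned by `cat`, so it needs `chomp($zone_base);` before it is used as the `-b` search base. The script has `use strict;` but no `use warnings;`, and none of the command results are checked, so a failed lookup or mount goes unreported.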

Latest revision as of 21:18, 10 May 2012

See Article: http://community.centrify.com/t5/DirectControl-Express-for-UNIX/Automounting-home-directories-defined-in-AD/td-p/1044

* Disclaimer: I did not write this script, nor have I tested it well. Please correct any errors or omissions in these instructions! *

* Disclaimer 2. : These instructions on this part *do not work*; I need to create scripts to fix some issues to make this work. Please be patient or create your own scripts to make this section work



1. Install SAMBA.

OPEN TERMINAL with Ctrl-T if it is not already open

   sudo -i
   apt-get update
  
   apt-get install samba

2. Create Script with adhome.pl based on article above and place in /usr/bin/adhome.pl

OPEN TERMINAL with Ctrl-T if it is not already open

   sudo -i
   nano /usr/bin/adhome.pl

2a. Copy the script into adhome.pl (it is a Perl script, started through /usr/share/centrifydc/perl/run as its first line says)

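  #!/bin/sh /usr/share/centrifydc/perl/run
  # Usage: adhome.pl USER MOUNTPOINT mount|umount
  #
  # mount:  look up USER's homeDirectory attribute in AD (adquery + ldapsearch)
  #         and mount that share on MOUNTPOINT with smbmount, sec=krb5i.
  # umount: unmount MOUNTPOINT with smbumount.
  #
  # USER, MOUNTPOINT and the values read back from the directory all end up as
  # arguments of programs this script starts, so nothing is passed through a
  # shell: every command is run in list form and the values are checked first.
  # Exit status: 0 = done or nothing to mount, 1 = a helper failed, 2 = usage.
  # NOTE(review): smbmount/smbumount may not be shipped by the installed Samba
  # packages - confirm both exist on the target system.
  # NOTE(review): adquery, smbmount and smbumount are still found through PATH,
  # as before - consider absolute paths once their location is confirmed.
  
  use strict;
  use warnings;
  use File::Spec;
  
  my $ZONE_FILE  = '/var/centrifydc/kset.zonename';
  my $LDAPSEARCH = '/usr/share/centrifydc/bin/ldapsearch';
  
  # Print a message on STDERR and exit with the given status.
  sub bail {
      my ($status, $message) = @_;
      print STDERR "adhome.pl: $message\n";
      exit $status;
  }
  
  # Run a command without a shell and return its output lines, chomped.
  sub capture {
      my @cmd = @_;
      open(my $out, '-|', @cmd) or bail(1, "cannot run $cmd[0]: $!");
      chomp(my @lines = <$out>);
      close($out) or warn "adhome.pl: $cmd[0] exited with status $?\n";
      return @lines;
  }
  
  my ($user, $mountpoint, $action) = @ARGV;
  bail(2, 'usage: adhome.pl USER MOUNTPOINT mount|umount')
      unless defined $action && ($action eq 'mount' || $action eq 'umount');
  bail(2, 'empty mount point') unless length $mountpoint;
  
  # An absolute path cannot be mistaken for an option by the mount helpers.
  $mountpoint = File::Spec->rel2abs($mountpoint);
  
  # Unmounting needs no directory lookup.
  if ($action eq 'umount') {
      system('smbumount', $mountpoint) == 0
          or bail(1, "smbumount $mountpoint failed (status $?)");
      exit 0;
  }
  
  # A leading '-' would be read by adquery as an option; control characters
  # have no place in an account name.
  bail(2, 'invalid user name')
      if $user eq '' || $user =~ /\A-/ || $user =~ /[[:cntrl:]]/;
  
  # Search base: the content of the zone file, without the surrounding
  # whitespace (a trailing newline would otherwise become part of the base).
  open(my $zone_fh, '<', $ZONE_FILE) or bail(1, "cannot read $ZONE_FILE: $!");
  my $zone_base = do { local $/; <$zone_fh> };
  close($zone_fh);
  $zone_base = '' unless defined $zone_base;
  $zone_base =~ s/\A\s+|\s+\z//g;
  
  # Same selection as "cut -d, -f1": the first RDN of the DN adquery prints.
  # NOTE(review): an RDN that contains an escaped comma ("CN=Smith\, John") is
  # cut short here, exactly as it was with cut.
  my ($dn) = grep { length } capture('adquery', 'user', '-D', $user);
  exit 0 unless defined $dn;
  my ($attr, $value) = split /=/, (split /,/, $dn)[0], 2;
  exit 0 unless defined $value && $attr =~ /\A[A-Za-z][A-Za-z0-9-]*\z/;
  
  # Escape the characters that are special in an LDAP search filter (RFC 4515),
  # so the name is matched literally and cannot change the filter.
  $value =~ s/([\\*()\0])/sprintf('\\%02x', ord $1)/ge;
  
  my @shares;
  for my $entry (capture($LDAPSEARCH, '-Q', '-H', 'LDAP://', '-b', $zone_base,
                         '-LLL', "($attr=$value)", 'homeDirectory')) {
      # "homeDirectory: \\server\share\dir" becomes "//server/share/dir".
      next unless $entry =~ /\AhomeDirectory:([^:]*)/;
      (my $share = $1) =~ tr{\\}{/};
      $share =~ s/\A\s+|\s+\z//g;
      push @shares, $share if length $share;
  }
  exit 0 unless @shares;    # no home directory in AD: nothing to mount
  
  # Only a //server/share path is handed to the mount helper.
  bail(1, "homeDirectory '$shares[0]' is not a //server/share path")
      unless $shares[0] =~ m{\A//[^/]+/[^/]+};
  
  # Mount with the user's Kerberos ticket, as the original command did.
  system('smbmount', $shares[0], $mountpoint, '-o', 'sec=krb5i') == 0
      or bail(1, "smbmount $shares[0] failed (status $?)");
  exit 0;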

-- WORK IN PROGRESS --