Difference between revisions of "Linking to Active Directory Home Directories using CentrifyDN"

See Article: http://community.centrify.com/t5/DirectControl-Express-for-UNIX/Automounting-home-directories-defined-in-AD/td-p/1044

* Disclaimer: I did not create (write) this script, or have I tested this well. Please change any errors or omissions in these instructions! *

1. Install SAMBA.

OPEN TERMINAL with Ctrl-T if it is not already open

   sudo -i

   apt-get update
  
   apt-get install samba

2. Create Script with adhome.pl based on article above and place in /usr/bin/adhome.pl

OPEN TERMINAL with Ctrl-T if it is not already open

   sudo -i

   nano /usr/bin/adhome.pl

2a. Copy the Shell Script into adhome.pl

   #!/bin/sh /usr/share/centrifydc/perl/run
   #This script uses ldap to fetch user homeDirectory from AD 
   #and mount/umount by smbmount and smbumount
    
  use strict;

  # use MIME::Base64;
  use File::Spec;
  # get the base dn
  
  my $zone_base = `cat /va/centrifydc/kset.zonename`;
  # get user CN
  
  my $cn = `adquery user -D ${ARGV[0]} | cut -d, -f1`;
  #print $cn;
  my @cn = split(/\n/,$cn);
  #ldap search
  #search for the homeDirectory attribute of user in AD in autozone mode
  #also cut the path out and change backward slash to forward slash
  my $ldap = `/usr/share/centrifydc/bin/ldapsearch -Q -H "LDAP://" -b "$zone_base"  -LLL "(@cn)" homeDirectory | grep homeDirectory | cut -d: -f2 | sed 's:\\\\:/:g' `;
   #print $ldap;
   #split the output into single line
  my @line = split(/\n/, $ldap);
  #print @line;
  #if ldapsearch result is not blank
  if (@line )
  {
  if(${ARGV[2]} eq "mount") {
  #mount the homeDirectory with smbmount command on mountpoint with kerberos ticket
  my $mount = `smbmount @line ${ARGV[1]} -o sec=krb5i`;
  #    print "mount";
    }
  }
  #if argument3 is umount will umount the share
  if(${ARGV[2]} eq "umount" ){
  my $mount = `smbumount ${ARGV[1]}`;
  #    print "umount"
   }

-- WORK IN PROGRESS --