I'm using Active Directory to log into RHEL. To do this, I followed the steps outlined here:
I'd like to be able to read data from Windows Servers shared folders without being prompted for a password.
On Windows I log into an AD domain, and when I access windows file shares on a server on the LAN (also part of the AD domain) my I can just access them with no authentication step.
I've used SMBclient on Linux to access these shares, but it asks for my password.
I would like to be able to script access to the data on the shares, but I can't if there's a password prompt in the way. Well, I could, but it's not how I want to do it.
Now, since I'm logged in using my active directory username & password, can't I just access the shares without jumping that extra hoop?
I know I can mount the share using something like:
//192.168.0.5/share /mnt/windows cifs auto,username=steve,password=secret,rw 0 0
but access will depend who is logged in... each user logging in should have their own unique AD access privelages.
Thanks for reading!
What you want is called Single-Sign-On. To achieve that, you must kerberize Linux. See http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html or similar.
Sorry, dont have the time to post the details.
In GNOME you can store your username and password in the keyring then anythime you pull up a file/folder in a program that support gVFS it will automatically login and "mount" the share.
I'd be amazed if there isn't something almost identicle in KDE; but I don't use KDE.
The big problem you're going to run into is that root mounts shares like that. So unless loging in with AD creds gets your root access to the machine the user wont be able to mount the share. I also don't believe Samba caches your login creds, but I could be mistaken, it's been a while since I did AD auth.