Using autofs to mount under each users' home directory

I have a CentOS 6.2 box up and running and have configured autofs to automount Windows shares under a /mydomain folder, using various howtos on the internet. Specifically, I have three files:

/etc/auto.master

# ...
/mydomain   /etc/auto.mydomain --timeout=60
# ...

/etc/auto.mydomain

* -fstype=autofs,-DSERVER=& file:/etc/auto.mydomain.sub

/etc/auto.mydomain.sub

* -fstype=cifs,uid=${UID},gid=${EUID},credentials=${HOME}/.smb/mydomain ://${SERVER}/&

This works and allows each user to specify their own credentials in a file under their home directory.

However, the mounts they create are then available to everyone, with the original user's credentials, until the timeout is reached. This is less than ideal, so I've been looking at trying to do one of the following:

1. Configure autofs so that the mounts are local to each user but under the same path, so they can each simultaneously access /mydomain/server1 with their own credentials
2. Configure autofs so that the mount points are under each users' home folder, so they can each simultaneously access ~/mydomain/server1 with their own credentials
3. Configure autofs so that the mounts are under a user-named folder, so they can simultaneously access /mydomain/$USER/server1 with their own credentials (but I would also need to ensure that /mydomain/$USER is 0700 to the given $USER)

So far, I can't see any way of doing #1, but for #2 or #3, I've tried changing the entry in /etc/auto.master so that the key is either ${HOME}/mydomain or /mydomain/${USER}, but neither have worked (the first showed no matching entry in /var/log/messages and the second did not appear to do the variable substitution).

Am I missing something obvious?

(PS: Bonus props if you can provide a way to avoid the need for a plain-text credentials file -- maybe a straight prompt for username/domain/password, or maybe even some kerberos magic?)

(PPS: I have looked briefly at smbnetfs, but I couldn't get it to configure/make -- it asks for fuse >= 2.6 even though I have v2.8.3 according to fusermount --version -- and I couldn't find a released version for yum install)

(PPPS: I also briefly looked at the supplied /etc/auto.smb but it looked like it would suffer the same sharing issues?)