5 Apr 2011

NFS - A Home from Home

The holy grail for enterprise clients are networked home directories, for many reasons, but most importantly they provide a centrally managed location for sys admins to take care of precious user data, you know, all those comedy email attachments and JPEGs from last years holiday in Benidorm, that important, business critical stuff we backup daily, weekly and monthly for them.

At least with an Ubuntu based client said industrious users are unable to tinker with the OS and break it, although the Linux networked home DIR, if integrating with Active Directory, can be a convoluted configuration to get on top of for *us*, and even if using Likewise Enterprise as the authentication bridge can still take a bit of application to nail down. After experimenting with CIF’s options around this area my own preferred method takes things back to basics via NFS based automount maps to a dedicated Ubuntu 10.04LTS NFS server, it’s a nice, clean option and provides a quick & robust stand-alone repository for all data. Here’s a brief overview of the setup. 

Obviously a dedicated Linux (Ubuntu) NFS server is required, and by adding the nfs-kernel, nfs-common and portmap utilities & configuring related entries in the /etc/exports file to cover your desired network access is easily setup (It’s a quick admin procedure which is widely documented around the internet). Once done, and the corresponding portmap & nfs-common utils installed client side, you’ll need to configure things at the Likewise end. 

At this stage familiarity with Likewise Enterprise is required with pre-configured Ubuntu client to Active Directory authentication tested and working, the rest of the config is carried out using a dedicated AD OU containing specified users (and group) across a linked Likewise Cell, a corresponding GPO to create the local (client) folder to be used as the mount point, an auto fstab entry to mount it to the NFS box, and finally, specifying home folder creation in the GPO and its location in the user (Likewise) settings entry, e.g – /<mount>/%U (The location can also be set in the GPO, either or). There are (admittedly) a few stages to keep an eye on here and it does take a bit of jiggery pokery, however after a few hours of R&D you get the picture and it all makes sense. I also like to configure the GPO with a few extra niceties such as the domain prepend at logon, it’s cleaner (and easier for the users). 

I’ve seen and read umpteen forum entries containing reams of convoluted head scratching on this subject with many having limited success above anything other than losing days and weeks trying to get things sorted, however I will honestly say that apart from adding one single line of syntax to the NFS server /etc/exports file no other lengthy file mods were required for me, everything else was taken care of GUI-side using the excellent Likewise Enterprise Group Policy Object Editor. The GPOE is indeed a thing of wonder and I can’t begin to extol the virtues of saved sanity from AD incorporation. 

If you’re one of the aforementioned forum head scratchers Cirronix would be more than happy to help and advise you with any of the above. I cover this and more in my one day Linux for Business (Workstation Integration) workshop held in Leeds. Feel free to either get in touch directly (using the links, top right) or book up for the workshop. We charge a mere £99 for the full day and we’ll even provide you with lunch.

No comments:

Post a Comment