Tâche #30753: Fournir une recette SaltStack pour configurer le montage des lecteurs réseaux sur les postes GNU/Linux à la connection des utilisateurs du domaine - Distribution EOLE - Ensemble Ouvert Libre Évolutif

Tâche #30753

Scénario #30575: Intégrer la jonction des postes GNU/Linux à un Active Directory

Fournir une recette SaltStack pour configurer le montage des lecteurs réseaux sur les postes GNU/Linux à la connection des utilisateurs du domaine

Added by Daniel Dehennin almost 3 years ago. Updated almost 3 years ago.

Status:

Fermé

Priority:

Normal

Assigned To:

Daniel Dehennin

Target version:

sprint 2020 40-42 Equipe MENSR

Start date:

09/28/2020

Due date:

% Done:

90%

Remaining (hours):

0.0

Associated revisions

Revision 79fb10f3 (diff)
Added by Daniel Dehennin almost 3 years ago

AD/Linux: declare standard shares in pillar to be mounted by minion

On Seth, only mount the user home directory.

On Scribe:

- mount “commun” for users in group “Domain Users”
- mount “professeurs” for users in both groups “Domain Users” and
“professeurs”.

Revision 9c239c48 (diff)
Added by Daniel Dehennin almost 3 years ago

AD: mount shares for GNU/Linux member

Use “libpam-mount” to mount automatically SMB shares with kerberos
security at user login.

Revision 87d12714 (diff)
Added by Daniel Dehennin almost 3 years ago

Update changelog and VERSION for 2.4.1

Ref: #30726
Ref: #30727
Ref: #30753

Revision 6119c3b5 (diff)
Added by Daniel Dehennin almost 3 years ago

AD/Linux: declare domain controller hostname

Ref: #30726
Ref: #30753

Revision f9ef70b5 (diff)
Added by Daniel Dehennin almost 3 years ago

Switch to “ad-formula” and “pam-mount-formula”

To use the “ad-formula” and “pam-mount-formula” we need to generate
dedicated pillars.

Ref: #30726
Ref: #30753

Revision 08b176b5 (diff)
Added by Daniel Dehennin almost 3 years ago

SSSD: don't requires principal FQDN at login

It should be mandatory on multi-realm but we don't use that
configuration for now.

Let's simplify user life.

Ref: #30726
Ref: #30753

Revision 7a0e3da7 (diff)
Added by Daniel Dehennin almost 3 years ago

Add grains on join

Ref: #30726
Ref: #30753

Revision 42f31891 (diff)
Added by Daniel Dehennin almost 3 years ago

AD: use “ad-formula” and “pam-mount-formula”

We transfert the AD join and GNU/Linux mounting of directories to
their dedicated formulas

Ref: #30726
Ref: #30753

Revision db82ecbf (diff)
Added by Daniel Dehennin almost 3 years ago

We depends now on “eole-ad-formula” and “eole-pam-mount-formula”

Ref: #30726
Ref: #30753

Revision e60571fc (diff)
Added by Daniel Dehennin almost 3 years ago

We now depend on “eole-ad-formula” and “eole-pam-mount-formula”

Ref: #30726
Ref: #30753

Revision e1a3cde5 (diff)
Added by Daniel Dehennin almost 3 years ago

We now depend on “eole-ad-formula” and “eole-pam-mount-formula”

Ref: #30726
Ref: #30753

Cherry picked for EOLE 2.8.1 from commit e60571fc72a3a2d68afd2b141a81ddd02375c86f

Revision 041c84d7 (diff)
Added by Daniel Dehennin almost 3 years ago

The EOLE “is_defined” don't play well with CreoleLint

CreoleLint does not manage correctly the use of
“%%is_defined("<VAR>")” without using the “<VAR>” in the “%if” block.

tmpl/ad.sls: replace the “%%is_defined” by “%%getVar(<VAR>, False)”

tmpl/eole-workstation.sls: ditoo.

tmpl/pam-mount.sls: ditoo.

Ref: #30726
Ref: #30753

History

#1 Updated by Scrum Master almost 3 years ago

Status changed from Nouveau to En cours

#2 Updated by Scrum Master almost 3 years ago

Assigned To set to Daniel Dehennin

#3 Updated by Daniel Dehennin almost 3 years ago

% Done changed from 0 to 90

Fait pour 2.7.1 et 2.7.2 le portage 2.8 sera fait avec un éclatement de la formula en plusieurs partie afin de mieux gérer les différents composants.

#4 Updated by Daniel Dehennin almost 3 years ago

Status changed from En cours to Résolu

#5 Updated by Laurent Flori almost 3 years ago

Status changed from Résolu to Fermé
Remaining (hours) set to 0.0

Also available in: Atom PDF