I have no problems mounting cifs file systems and assigning ownership to the files to some user (via mount command parameters). I am now hoping to set up something a bit more complex and am unsure how best to proceed. I have an openSUSE 11.2 system that authenticates users via an MS Active Directory. This works fine. Users log in and a home is created on the fly. It literally has a life of it's own. Which is great. In this setup, there are a number of shared drives that all users attach to on their Windows PCs. They want the same capability when they log in on Linux. The drives are the same for all users. The permissions for reading and writing are maintained in the AD based on the user. And there is the problem: on a Windows PC, only one person is usually logged in and thus gets the correct permissions on that PC. On the Linux box, perhaps more than one person will log in at a time. How to sort out the cifs file system permissions? I am guessing that such sharing is not really part of the cifs client mount capabilities. So, I have been considering doing the following. All the AD logins are in the Linux 'users' group. If I set the default file permissions so that the group has the permissions I am after, the members of the group should be able to play nice together. The limitations I see are: 1. no one gets more permissions than the user cifs used to mount the file system, independent of their AD permissions. 2. some users who might not have permissions in the AD will get them if the user cifs used when mounting the file system had those extra permissions. Is there perhaps a more obvious way that I have not figured out? Like mounting these cifs file systems multiple times, one for each user, using their AD authentication? I really want these to be mounted automatically when the user logs in. The password for the remote cifs will be the same as the one they logged in with (as they were authenticated in that AD), but I am guessing they will have to enter it again for the mounting, right? I usually see autofs mentioned in these parts. How does that deal with the authentication? I think this is the last major part of the puzzle for me using AD with Linux. -- Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden Office: Int +46 10-615 60 20 Mobile: Int +46 70-815 1696 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org