Roaming profile on Linux in 2017

To quote Wikipedia,

A roaming user profile is a concept in the Windows NT family of operating systems that allows users with a computer joined to a Windows Server domain to log on to any computer on the same network and access their documents and have a consistent desktop experience, such as applications remembering toolbar positions and preferences, or the desktop appearance staying the same.

Our office environment consists of a mix of Windows and Linux systems, and the task was to setup a system on which user data could be stored such that the users would not be bound to a single system and be able to work on any system.

On Windows using Active Directory and Roaming profiles user data and logins can be centrally store and authenticated. Advances have been made in Linux too to allow for a similar setup:

  • [server side] Samba can be used to setup a Domain controller to authenticate users (for Linux only environments, solutions like Free IPA also exist).
  • [client side] Can be setup by combining different services (as given here and here), or an integrated system can be used (like given here).

After considering the above, we went with the following solution:

Server side setup

Went with Zentyal server for user authentication, data storage, and file sharing (other options like ClearOS also exist).

Client side setup

Used pbis open for authenticating to the AD server, and put together a system for implementing roaming profiles.

Roaming profile setup

When searching for roaming profile on linux, csync was found which seemed like the ideal solution; however in practice an issue was encountered trying to sync between a local home folder and a samba mount of the remote folder.

Eventually discovered osync which synced the folders (local and remote) correctly.

Wrote some scripts tie it all together (available here).

Note: SMB v1.0 was used for the remote home folder cifs mount as unix extensions needed for proper permissions support seem to implemented for that version only (link).

2 thoughts on “Roaming profile on Linux in 2017

  1. Hello,

    I came to your blog via a google search for roaming profile implementation for Linux. I have checked most your suggestions. Just wanted to know, if you did this setup only for linux users or also for windows users as well.

    In my current environment, I have windows AD in place, so what I was thinking is to have another setup only for linux users, which are all on ubuntu 16.04, with few exceptions like CentOS or Fedora.

    I am trying with Freeipa, but not getting the desired success, so far.

    1. Hi Dhaval,

      This setup was both for Linux as well as Windows users. Samba was setup as PDC using Zentyal server, and both Linux as well as Windows clients were able to connect.

      If its an option, you could try connecting the Linux clients to the Windows AD server using Pbis Open.

      Regards,
      Aaditya

      P.S.
      Can you elaborate upon the problems you are facing with FreeIPA?

Leave a Reply

Your email address will not be published. Required fields are marked *