To quote Wikipedia,
A roaming user profile is a concept in the Windows NT family of operating systems that allows users with a computer joined to a Windows Server domain to log on to any computer on the same network and access their documents and have a consistent desktop experience, such as applications remembering toolbar positions and preferences, or the desktop appearance staying the same.
Our office environment consists of a mix of Windows and Linux systems. The task was to set up a system on which user data could be stored, so that users would not be bound to a single machine and could work from any system.
On Windows using Active Directory and Roaming profiles, user data and logins can be centrally stored and authenticated. Advances have been made in Linux too to allow for a similar setup:
- [server side] Samba can be used to set up a domain controller to authenticate users (for Linux-only environments, solutions like FreeIPA also exist).
- [client side] Can be set up by combining different services (as given here and here), or an integrated system can be used (like given here).
After considering the above, we went with the following solution:
Server side setup
Went with Zentyal server for user authentication, data storage, and file sharing (other options like ClearOS also exist).
Client side setup
Used PBIS Open for authenticating to the AD server, and put together a system for implementing roaming profiles.
Roaming profile setup
A search for roaming profiles on Linux turned up csync, which seemed like the ideal solution; in practice, however, an issue was encountered when trying to sync between a local home folder and a Samba mount of the remote folder.
Eventually discovered osync, which synced the folders (local and remote) correctly.
Wrote some scripts to tie it all together (available here).
Note: SMB v1.0 was used for the remote home folder CIFS mount, as the Unix extensions needed for proper permissions support seem to be implemented for that version only (link).
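Since SMB v1.0 was chosen above only for its Unix extensions, it helps to be able to list which client mounts still use that dialect. The following is an added example, not part of the original scripts: it reads mount-table lines in `/proc/mounts` format and reports the dialect, Unix extensions and encryption state of each CIFS mount. The function name, host names and sample lines are constructed, and it assumes the cifs module reports the `vers=`, `unix`/`nounix` and `seal` options.

```shell
#!/bin/sh
# Added example: audit CIFS mounts for the SMB dialect in use.
# Reads /proc/mounts-format lines on stdin and prints one line per CIFS mount:
#   <mountpoint> vers=<dialect> unix=<yes|no> seal=<yes|no> [SMB1]
# Exit status is 1 if any CIFS mount uses vers=1.0, otherwise 0.
audit_cifs_mounts() {
    awk '
    $3 == "cifs" {
        vers = "unknown"; unix = "no"; seal = "no"
        n = split($4, opt, ",")            # field 4 holds the mount options
        for (i = 1; i <= n; i++) {
            if (opt[i] ~ /^vers=/)      vers = substr(opt[i], 6)
            else if (opt[i] == "unix")  unix = "yes"   # Unix extensions active
            else if (opt[i] == "seal")  seal = "yes"   # SMB3 encryption active
        }
        flag = ""
        if (vers == "1.0") { flag = " SMB1"; found = 1 }
        printf "%s vers=%s unix=%s seal=%s%s\n", $2, vers, unix, seal, flag
    }
    END { exit (found ? 1 : 0) }
    '
}

# Constructed sample input (hypothetical hosts, users and addresses).
SAMPLE_MOUNTS='//fileserver.example/homes/alice /home/alice cifs rw,relatime,vers=1.0,cache=strict,username=alice,uid=1001,gid=1001,addr=192.0.2.10,unix,posixpaths,serverino,acl 0 0
//fileserver.example/share /mnt/share cifs rw,relatime,vers=3.1.1,sec=ntlmssp,cache=strict,username=alice,uid=1001,gid=1001,addr=192.0.2.10,seal,nounix,serverino 0 0
/dev/sda1 / ext4 rw,relatime 0 0'

# Demo on the sample; on a real client use: audit_cifs_mounts < /proc/mounts
printf '%s\n' "$SAMPLE_MOUNTS" | audit_cifs_mounts \
    || echo "at least one CIFS mount uses SMB 1.0"
```
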
Hello,
I came to your blog via a Google search for roaming profile implementation for Linux. I have checked most of your suggestions. Just wanted to know if you did this setup only for Linux users or for Windows users as well.
In my current environment, I have Windows AD in place, so what I was thinking is to have another setup only for Linux users, which are all on Ubuntu 16.04, with a few exceptions like CentOS or Fedora.
I am trying with FreeIPA, but not getting the desired success so far.
Hi Dhaval,
This setup was for both Linux and Windows users. Samba was set up as PDC using Zentyal server, and both Linux and Windows clients were able to connect.
If it's an option, you could try connecting the Linux clients to the Windows AD server using Pbis Open.
Regards,
Aaditya
P.S.
Can you elaborate upon the problems you are facing with FreeIPA?
Hello Aaditya,
Thank you for writing back, I am sorry for the delay in response.
I have configured a FreeIPA server on Ubuntu 16.04 and my clients are also the same. I first tried with Samba home directory auto mount but that didn't work, so I changed to NFS auto mount for home directories, so that all the user data can be on the server.
Kind of to achieve the roaming profile thing with home directory data stored centrally, but that automount also didn't work.
I checked with pbis-open, and I could join an Ubuntu machine to Windows AD; yet to check other things like mounting home directory and sudo.
Hey Dhaval,
For home directory automount you could try pam_mount (http://pam-mount.sourceforge.net/), it worked for me.
sudo was enabled by adding the domain group to sudoers on client side.
Basic instructions including sudo available here: https://github.com/aadityabagga/linux-ad-roaming-profile/blob/master/docs/client_setup.md
Thanks again,
I have already checked your github link, and I am to try with it.
I am now thinking of creating a share on the AD server and mounting it as home for Linux users. Not sure if that will work, but let’s see.
Nice. Keep us posted on your progress 🙂
P.S.
Found this link, could be helpful: https://wiki.samba.org/index.php/User_Home_Folders
Regards,
Aaditya