diff --git a/roles/ad_joined/tasks/main_lin.yml b/roles/ad_joined/tasks/main_lin.yml
index cfb19ef..a7f7e68 100644
--- a/roles/ad_joined/tasks/main_lin.yml
+++ b/roles/ad_joined/tasks/main_lin.yml
@@ -47,11 +47,6 @@
     owner: root
     mode: 0600
 
-- name: Fix apparmor HOMEDIRS
-  template:
-    src: apparmor_cifs_homes
-    dest: "/etc/apparmor.d/tunables/home.d/cifs_homes"
-
 #- name: Configure libpam-mount
 #  copy:
 #    src: pam_mount.conf.xml
@@ -65,13 +60,7 @@
   command: pam-auth-update --disable mkhomedir
   become: true
 
-- name: Use sssd for cifs idmap
-  file:
-    state: link
-    src: /usr/lib/x86_64-linux-gnu/cifs-utils/cifs_idmap_sss.so
-    path: /etc/alternatives/idmap-plugin
-
-- name: Create service to get and renew machine kerberos tickets
+- name: Create kstart service
   copy:
     src: kstart.service
     dest: /etc/systemd/system/kstart.service
@@ -81,19 +70,14 @@
     src: kstart.service
     dest: /etc/systemd/system/kstart.service
 
-- name: Create profiles directory
-  file:
-    path: /home/profiles
-    state: directory
-
 - name: Add mount - cifs_home
   mount:
     boot: true
     fstype: cifs
     src: "//ucilnicesmb.fri1.uni-lj.si/ucilnice_d"
-    path: /remote_home
+    path: /mnt/cifs_home
     state: mounted
-    opts: "cruid=0,username={{ inventory_hostname }}-linux@FRI1.UNI-LJ.SI,sec=krb5i,nobrl,sfu,cifsacl,setuids,fsc,multiuser,actimeo=65536,nostrictsync,cache=loose,resilienthandles,noatime,x-systemd.requires=kstart.service"
+    opts: "cruid=0,username={{ inventory_hostname }}-linux@FRI1.UNI-LJ.SI,sec=krb5i,nobrl,sfu,nostrictsync,cache=loose,mfsymlinks,dir_mode=0700,file_mode=0700,fsc,multiuser,x-systemd.requires=kstart.service"
 
 - name: Restart sssd
   service: