diff --git a/roles/lmn_mount/tasks/main.yml b/roles/lmn_mount/tasks/main.yml
index 5f7d1d2..67e51eb 100644
--- a/roles/lmn_mount/tasks/main.yml
+++ b/roles/lmn_mount/tasks/main.yml
@@ -18,7 +18,7 @@
         server="{{ smb_server }}"
         path="{{ smb_share }}"
         mountpoint="/srv/samba/schools/default-school"
-        options="sec=krb5i,cruid=%(USERUID),user=%(USER),gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks"
+        options="sec=krb5i,cruid=%(USERUID),user=%(USER),file_mode=0700,dir_mode=0700,mfsymlinks,nobrl"
       ><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user><user>sddm</user><user>virti</user></or></not></volume>
     insertafter: "<!-- Volume definitions -->"
 
diff --git a/roles/lmn_vm/files/mounthome.sh b/roles/lmn_vm/files/mounthome.sh
index 9aaf587..3c2dd8b 100755
--- a/roles/lmn_vm/files/mounthome.sh
+++ b/roles/lmn_vm/files/mounthome.sh
@@ -2,7 +2,7 @@
 set -eu
 
 share="/srv/samba/schools/default-school/share/"
-home="$(getent passwd "$SUDO_UID" | cut -d : -f 6)"
+home="$(getent passwd "$SUDO_UID" | cut -d : -f 6 | sed 's|/srv/samba/schools/default-school/||')"
 
 exit_script() {
     echo "unmounting media - terminated by trap!" >> "/tmp/${SUDO_UID}-exit-mount.log"
@@ -23,7 +23,7 @@ elif [ "$#" -gt 0 ] && [ "$1" = '-o' ]; then
     read -rp "Username: " username
     read -srp "Passwort: " PASSWD
     export PASSWD
-    echo 
+    echo
     mkdir -p "/media/${SUDO_USER}/oldhome"
     #errcode=$(mount -t cifs -o "username=${username},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,forceuid,forcegid" \
     #	    "//192.168.1.2/DOCS/fvs" "/media/${SUDO_USER}/oldhome")
@@ -56,6 +56,8 @@ else
     chmod 0770 "/media/${SUDO_USER}"
     mkdir -p "/media/${SUDO_USER}/home"
     mkdir -p "/media/${SUDO_USER}/share"
-    mount --bind "${share}" "/media/${SUDO_USER}/share"
-    mount --bind "${home}" "/media/${SUDO_USER}/home"
+    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
+           "//server/default-school/${home}" "/media/${SUDO_USER}/home"
+    mount -t cifs -o "sec=krb5i,cruid=${SUDO_UID},user=${SUDO_USER},uid=${SUDO_UID},gid=1010,file_mode=0770,dir_mode=0770,mfsymlinks" \
+           "//server/default-school/share" "/media/${SUDO_USER}/share"
 fi