diff --git a/playbook.yml b/playbook.yml
index e97fedb..33ed0ab 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -1,44 +1,47 @@
 ---
 # playbook.yml
-- name: install base vm
+- name: Install base vm
 hosts: all
 become: true
 remote_user: ansible
+ roles:
+ - vm_mount
 tasks:
- - name: Install lxqt
- ansible.builtin.apt:
- name:
- - lxqt
- - spice-vdagent
- update_cache: true
+ - name: Install lxqt
+ ansible.builtin.apt:
+ name:
+ - lxqt
+ - spice-vdagent
+ update_cache: true
- - name: Add user
- ansible.builtin.user:
- name: user
- comment: "Local Guest User,,,"
- shell: /bin/bash
- uid: 1001
- password_expire_min: 99999
- createhome: true
- password: password
+ - name: Add user
+ ansible.builtin.user:
+ name: user
+ comment: "Local Guest User,,,"
+ shell: /bin/bash
+ uid: 1001
+ password_expire_min: 99999
+ createhome: true
+ password: password
- - name: Enable autologin for user
- ansible.builtin.copy:
- content: |
- [Autologin]
- User=user
- Session=lxqt.desktop
- dest: /etc/sddm.conf
+ - name: Enable autologin for user
+ ansible.builtin.copy:
+ content: |
+ [Autologin]
+ User=user
+ Session=lxqt.desktop
+ dest: /etc/sddm.conf
+ mode: '0644'
- - name: Set grub default to zero
- ansible.builtin.lineinfile:
- dest: /etc/default/grub
- regexp: '^GRUB_TIMEOUT=.*'
- line: GRUB_TIMEOUT=0
- notify: Update grub
+ - name: Set grub default to zero
+ ansible.builtin.lineinfile:
+ dest: /etc/default/grub
+ regexp: '^GRUB_TIMEOUT=.*'
+ line: GRUB_TIMEOUT=0
+ notify: Update grub
 handlers:
- - name: Update grub
- ansible.builtin.command: update-grub
+ - name: Update grub
+ ansible.builtin.command: update-grub
diff --git a/roles/vm_mount/files/lmn-parse-vminfo b/roles/vm_mount/files/lmn-parse-vminfo
new file mode 100755
index 0000000..71781c6
--- /dev/null
+++ b/roles/vm_mount/files/lmn-parse-vminfo
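Review bot: The `Add user` task still carries `password: password`, a literal, unhashed value committed with the playbook; `ansible.builtin.user` stores the `password` field as the crypted hash, so this neither yields a usable login password nor keeps a secret out of version control. Take the value from a vaulted variable and hash it on the way in, e.g. `password: "{{ guest_password | password_hash('sha512') }}"`, or drop the field if the account is only ever reached through the SDDM autologin the next task configures. The `Enable autologin for user` task also hard-codes `User=user` inside `/etc/sddm.conf` while the account name is given separately as `name: user`; a single variable for the account name would keep the two from drifting apart.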
@@ -0,0 +1,47 @@
+#!/usr/bin/python3
+from impacket.krb5.ccache import CCache
+from base64 import b64decode
+import json, os, os.path, sys, stat, subprocess
+
+if not os.path.isfile("/media/host/.vminfo.json"):
+ try:
+ subprocess.run(["/usr/bin/mount", "-t", "virtiofs", "VM-Data", "/media/host"])
+ except:
+ subprocess.run(["/usr/bin/mount", "-t", "virtiofs", "Home_Linux", "/media/host"])
+
+if not os.path.isfile("/media/host/.vminfo.json"):
+ print("/media/host/.vminfo.json not found",file=sys.stderr)
+ exit(1)
+
+with open("/media/host/.vminfo.json") as f:
+ data = json.load(f)
+
+user = data["User"]
+krbcred = b64decode(data["krb5"]["cred"])
+
+if os.path.isfile("/tmp/krb5cc_1000"):
+ os.remove("/tmp/krb5cc_1000")
+
+if os.path.isfile("/tmp/krb5cc_0"):
+ os.remove("/tmp/krb5cc_0")
+
+ccache = CCache()
+ccache.fromKRBCRED(krbcred)
+ccache.saveFile("/tmp/krb5cc_1000")
+ccache.saveFile("/tmp/krb5cc_0")
+
+if os.path.isfile("/tmp/krb5cc_1000"):
+ os.chown("/tmp/krb5cc_1000",1000,1000)
+ os.chmod("/tmp/krb5cc_1000",stat.S_IRUSR | stat.S_IWUSR)
+
+if os.path.isfile("/tmp/krb5cc_0"):
+ os.chown("/tmp/krb5cc_0",0,0)
+ os.chmod("/tmp/krb5cc_0",stat.S_IRUSR | stat.S_IWUSR)
+
+mounts = data["Mounts"]
+for mount in mounts:
+ directory = f"/lmn/media/{mount['Name']}"
+ if not os.path.exists(directory):
+ os.makedirs(directory)
+ if not os.path.ismount(directory):
+ subprocess.run(["/usr/bin/mount", "-t", "cifs", mount['RemotePath'], directory ,"-o", f"sec=krb5i,username={user},cruid=1000,uid=1000,gid=1000"])
diff --git a/roles/vm_mount/files/lmn-vminfo.service b/roles/vm_mount/files/lmn-vminfo.service
new file mode 100755
index 0000000..2f62611
--- /dev/null
+++ b/roles/vm_mount/files/lmn-vminfo.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Parse .vminfo.json and inject Host-User Kerberos-Ticket
+Requires=remote-fs.target
+Requires=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/python3 /usr/local/bin/lmn-parse-vminfo
+RemainAfterExit=false
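Review bot: The two `ccache.saveFile` calls create `/tmp/krb5cc_1000` and `/tmp/krb5cc_0` before the `os.chmod` lines tighten them, so each credential cache briefly exists in a shared, world-writable directory under a predictable name with whatever permissions the service's umask grants; calling `os.umask(0o077)` before the `saveFile` lines closes that window, and a directory not shared with other users would be a better home than `/tmp`. The mount fallback is dead code: `subprocess.run` does not raise on a non-zero exit, so a failed `VM-Data` mount never reaches the `Home_Linux` branch; use `subprocess.run([...], check=True)` with `except subprocess.CalledProcessError:` instead of the bare `except:`, and consider `check=True` on the cifs mount too so failures are not silent. The `Mounts` loop builds `directory` from `mount['Name']` taken from the host-provided JSON without confirming it is a plain directory name, so a value containing a path separator would place the mount point outside `/lmn/media`; reject any `Name` for which `os.path.basename(name) != name` or that is empty. `exit(1)` should be `sys.exit(1)` since `sys` is already imported.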
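Review bot: The `[Unit]` section of `lmn-vminfo.service` declares `Requires=` for `remote-fs.target` and `network-online.target` but no `After=`, so systemd only pulls those targets in and may start the script before either has been reached, while the script's first action is a virtiofs mount and its last a Kerberos-authenticated CIFS mount. Add `After=remote-fs.target network-online.target` next to the two `Requires=` lines; the timer unit in this commit already uses `After=network-online.target`. Note for anyone later adding sandboxing to this service that the script writes its credential caches to `/tmp`, so `PrivateTmp=yes` would hide them from the `cruid=1000` user and cannot be enabled without changing the script.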
diff --git a/roles/vm_mount/files/lmn-vminfo.timer b/roles/vm_mount/files/lmn-vminfo.timer
new file mode 100755
index 0000000..38261be
--- /dev/null
+++ b/roles/vm_mount/files/lmn-vminfo.timer
@@ -0,0 +1,12 @@
+[Unit]
+Description=Timer for lmn-vminfo
+Requires=remote-fs.target
+After=network-online.target
+
+[Timer]
+OnActiveSec=5s
+OnUnitActiveSec=1h
+Persistent=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/vm_mount/tasks/main.yml b/roles/vm_mount/tasks/main.yml
new file mode 100644
index 0000000..f641425
--- /dev/null
+++ b/roles/vm_mount/tasks/main.yml
@@ -0,0 +1,33 @@
+---
+
+- name: Install packages for lmn-vminfo.service
+ ansible.builtin.apt:
+ name:
+ - cifs-utils
+ - krb5-user
+ - python3-pip
+
+- name: Provide lmn-parse-vminfo script
+ ansible.builtin.copy:
+ src: lmn-parse-vminfo
+ dest: /usr/local/bin/lmn-parse-vminfo
+ mode: '0755'
+
+- name: Install impacket pip package
+ ansible.builtin.pip:
+ name: impacket
+ break_system_packages: true
+
+- name: Provide lmn-vminfo.service and timer
+ ansible.builtin.copy:
+ src: "{{ item }}"
+ dest: "/etc/systemd/system/{{ item }}"
+ mode: '0644'
+ loop:
+ - lmn-vminfo.service
+ - lmn-vminfo.timer
+
+- name: Enable lmn-vminfo.timer
+ ansible.builtin.systemd:
+ name: lmn-vminfo.timer
+ enabled: true
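Review bot: `Persistent=true` in the `[Timer]` section has no effect here, because systemd applies that setting only to `OnCalendar=` timers and this unit schedules with `OnActiveSec=`/`OnUnitActiveSec=`; either drop the line or switch to `OnCalendar=hourly` if catching up on runs missed while powered off is the intent. `Requires=remote-fs.target` is placed on the timer rather than on the service it fires, so a failure to reach that target would hold back the timer itself rather than the single run that needs the mounts; keeping the dependency on `lmn-vminfo.service`, which already declares it, and leaving the timer's `[Unit]` with only the `After=` ordering is the more conventional split.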
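Review bot: The `Install impacket pip package` task pulls an unpinned `impacket` from PyPI into the system interpreter with `break_system_packages: true`, so each run of the role can install a different, unreviewed version of the library the script then uses to handle Kerberos credentials as root. Pin it with the pip module's `version:` option, or prefer the distribution's `python3-impacket` package through `ansible.builtin.apt` where the target's repositories provide it, which also removes the need to override the system-packages guard. The `Enable lmn-vminfo.timer` task only sets `enabled: true` after new unit files were copied in; add `daemon_reload: true` and `state: started` so the timer is picked up and running in the same play rather than after the next reboot.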