diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..b9f4ebf
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,24 @@
+tmpfile := $(shell mktemp /tmp/epfl_roaming.XXXXXX)
+
+.PHONY: install
+install:
+ test -d /usr/local || mkdir -p /usr/local
+ test -d /usr/local/bin || mkdir /usr/local/bin
+ test -d /usr/local/etc || mkdir /usr/local/etc
+ test -d /usr/local/lib || mkdir /usr/local/lib
+ test -d /usr/local/lib/manage_cred || mkdir -m 700 /usr/local/lib/manage_cred
+ test -d /etc/skel/.config/autostart || mkdir -p /etc/skel/.config/autostart
+ test -d /etc/systemd/system || mkdir -p /etc/systemd/system
+ apt-get -y install python-ldap
+ grep -v 'manage_cred.py' /etc/pam.d/common-auth > $(tmpfile)
+ cat $(tmpfile) root/etc/pam.d/common-auth > /etc/pam.d/common-auth
+ grep -v 'epfl_roaming.py' /etc/pam.d/common-session > $(tmpfile)
+ cat $(tmpfile) root/etc/pam.d/common-session > /etc/pam.d/common-session
+ rm -f $(tmpfile)
+ install -o root -g root -m 755 root/usr/local/bin/manage_cred.py /usr/local/bin
+ install -o root -g root -m 755 root/usr/local/bin/epfl_roaming.py /usr/local/bin
+ install -o root -g root -m 755 root/usr/local/lib/manage_cred/ext_epfl_roaming.py /usr/local/lib/manage_cred
+ install -o root -g root -m 644 root/usr/local/etc/epfl_roaming.conf /usr/local/etc
+ install -o root -g root -m 644 root/etc/skel/.config/autostart/epfl_roaming.desktop /etc/skel/.config/autostart
+ install -o root -g root -m 644 root/etc/systemd/system/epfl_roaming_on_shutdown.service /etc/systemd/system
+ systemctl enable epfl_roaming_on_shutdown.service
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..fb8af1a
--- /dev/null
+++ b/README.md
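Review bot: The `test -d … || mkdir -m 700 /usr/local/lib/manage_cred` line in the install recipe only applies the 0700 mode when it creates the directory; a pre-existing directory with looser ownership or permissions is kept as is, and according to the README every Python file dropped in there is loaded by `manage_cred.py` and handed the username and cleartext password, so a writable extension directory is a credential-capture path. Use `install -d -o root -g root -m 700 /usr/local/lib/manage_cred` instead, which sets owner and mode whether or not the directory already exists (the same `install -d` form could replace the other `test -d || mkdir` lines). The rewrite of the live PAM files is also not atomic: `cat $(tmpfile) root/etc/pam.d/common-auth > /etc/pam.d/common-auth` truncates the authentication stack before reading its inputs, so a failure at that point (wrong cwd, missing repo file) leaves a partially written `common-auth`; assemble the result in `$(tmpfile)` and put it in place with `install -o root -g root -m 644 $(tmpfile) /etc/pam.d/common-auth`. Finally, `$(shell mktemp …)` runs at parse time, so every invocation that does not reach `rm -f` (including `make -n`) leaves a file behind in /tmp; creating the temp file inside the recipe, e.g. `tmp=$$(mktemp) && …`, avoids that.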
@@ -0,0 +1,47 @@
+# epfl_roaming and manage_cred
+
+
+## `manage_cred`
+
+... is a tool that receives user's credentials during authentication phase and keeps it for later use.
+Any tool that want to benefit from it has to implement a "manage_cred's extension" by adding a Python file in `/usr/local/lib/manage_cred/` that implements both :
+1. `FLAG_FILE` : points to a file that reports that this extension expects to be run
+2. `run` : function that will receive both the username and the password in order to perform the commands needing the credentials.
+
+The files related to manage_cred :
++ `/etc/pam.d/common-auth`
+ Says that PAM has to run `manage_cred.py` at authentication step with credentials exposed
++ `/usr/local/bin/manage_cred.py`
+ Main script
++ `/usr/local/lib/manage_cred`
+ Folder that will contain all extensions
+
+
+## `epfl_roaming`
+
+... is a tool that stores selected application's config/preferences on the NAS. This is configured by adding right the folders, files and DConf keys in `/usr/local/etc/epfl_roaming.conf`.
+With epfl_roaming, the users have a clean session (created from `/etc/skel`) at every login, plus the important application's settings available across all PCs in a classroom.
+It directly needs `manage_cred`, since it has to mount the NAS during session creation at a time when we don't receive the password from PAM.
+
+The files related to epfl_roaming :
++ `/etc/pam.d/common-session`
+ Says that PAM has to run `epfl_roaming.py --pam` at session opening and closing. Most of the job is done here.
++ `/etc/skel/.config/autostart/epfl_roaming.desktop`
+ Says that Gnome/Unity has to run `epfl_roaming.py --session` when session is opened (used to apply DConf keys)
++ `/etc/systemd/system/epfl_roaming_on_shutdown.service`
+ Says that systemd has to run `epfl_roaming.py --on_halt` when the system is shut down or rebooted (since PAM procedure might be skipped or aborted)
++ `/usr/local/bin/epfl_roaming.py`
+ Main script
++ `/usr/local/etc/epfl_roaming.conf`
+ Configuration
++ `/usr/local/lib/manage_cred/ext_epfl_roaming.py`
+ manage_cred's extension for epfl_roaming
+
+
+# How to do the setup
+
+~~~ bash
+sudo make install
+~~~
+
+Note : This process has been validated on Ubuntu 16.04. Adaptations will be needed for Ubuntu 14.04 or Linux flavors.
diff --git a/root/etc/pam.d/common-auth b/root/etc/pam.d/common-auth
index 631df51..672c4fd 100644
--- a/root/etc/pam.d/common-auth
+++ b/root/etc/pam.d/common-auth
@@ -1,28 +1,2 @@
-#
-# /etc/pam.d/common-auth - authentication settings common to all services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of the authentication modules that define
-# the central authentication scheme for use on the system
-# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
-# traditional Unix authentication mechanisms.
-#
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules. See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-auth [success=2 default=ignore] pam_unix.so nullok_secure
-auth [success=1 default=ignore] pam_sss.so use_first_pass
-# here's the fallback if no module succeeds
-auth requisite pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-auth required pam_permit.so
-# and here are more per-package modules (the "Additional" block)
-# end of pam-auth-update config
-
+# This what has to be added to /etc/pam.d/common-auth to install manage_cred.py
 auth optional pam_exec.so log=/var/log/manage_cred.log expose_authtok quiet /usr/local/bin/manage_cred.py
diff --git a/root/etc/pam.d/common-session b/root/etc/pam.d/common-session
index 4328fec..8580992 100644
--- a/root/etc/pam.d/common-session
+++ b/root/etc/pam.d/common-session
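Review bot: `log=/var/log/manage_cred.log` on the retained pam_exec line sends the script's stdout and stderr to a file, and because `expose_authtok` hands `manage_cred.py` the user's cleartext password on stdin, any traceback, debug print or echoed input lands in that file; to my recollection pam_exec creates a missing log file with mode 0644, so it should be pre-created root-only (for example `install -o root -g root -m 600 /dev/null /var/log/manage_cred.log` from the Makefile) or the option dropped in favour of syslog from inside the script. The placement itself is right: appended after the pam-auth-update block shown in the removed lines, the line is reached only once pam_unix or pam_sss has accepted the password (`pam_deny.so` is `requisite` and ends the stack on failure), so a failed login never reaches the script; since nothing enforces that ordering it deserves a comment, e.g. `# keep after the pam-auth-update block: must only run once pam_unix/pam_sss accepted the password`. Minor wording in the new comment: `# This is what has to be added …`.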
@@ -1,34 +1,2 @@
-#
-# /etc/pam.d/common-session - session-related modules common to all services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of modules that define tasks to be performed
-# at the start and end of sessions of *any* kind (both interactive and
-# non-interactive).
-#
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules. See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-session [default=1] pam_permit.so
-# here's the fallback if no module succeeds
-session requisite pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-session required pam_permit.so
-# The pam_umask module will set the umask according to the system default in
-# /etc/login.defs and user settings, solving the problem of different
-# umask settings with different shells, display managers, remote sessions etc.
-# See "man pam_umask".
-session optional pam_umask.so
-# and here are more per-package modules (the "Additional" block)
-session required pam_unix.so
-session optional pam_sss.so
-session optional pam_systemd.so
-# end of pam-auth-update config
-
+# This what has to be added to /etc/pam.d/common-session to install epfl_roaming.py
 session optional pam_exec.so log=/var/log/epfl_roaming2.log /usr/local/bin/epfl_roaming.py --pam
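Review bot: The retained `session optional pam_exec.so … epfl_roaming.py --pam` line carries no service restriction, and `common-session` is included by every PAM service on the host (cron, sudo, su, ssh, the display manager), so the script is invoked on open and close of every session, not only graphical logins; unless `epfl_roaming.py` filters on `PAM_SERVICE`/`PAM_TYPE` itself (not visible here), the clean-from-`/etc/skel` session and NAS mount described in the README would also fire for cron jobs and `sudo`. That expectation belongs in the file as a comment: `# runs for every service that includes common-session; epfl_roaming.py must filter on PAM_SERVICE/PAM_TYPE`. The log name `epfl_roaming2.log` does not follow the `manage_cred.log` pattern used in common-auth and the `2` reads like a leftover; if it is deliberate, say why, otherwise `log=/var/log/epfl_roaming.log`. As with common-auth, pre-create the log file root-only rather than letting pam_exec create it, since the script's output may include user data.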