[Freeipa-devel] Re: network accounts logins but never make a local user folder on Fedora 9 when the option to do that is set
Jaakan Shorter
jaakanshorter at gmail.com
Tue May 20 21:08:39 UTC 2008
I got it working with a clean install of fedora 9 as a client
first I did
# kinit admin
# ipa-addservice host/desktop.test.net --force
# ipa-getkeytab -s ipaserver.test.net -p host/desktop.test.net -k
/etc/krb5.keytab
then
I made "jshorter" in the WebGUI
# kinit jshorter
made new password
logged in to desktop.test.net ( login hangs )
did Ctrl+Alt+backspace
logged in as root
# cd /home
# mkdir jshorter
# chmod -R 777 jshorter
I logged in again and now I'm too a working desktop
I'll change the owner and rights later
jaakan
On Tue, May 20, 2008 at 1:02 PM, Jaakan Shorter <jaakanshorter at gmail.com> wrote:
> Not sure if this is a bug or just a configuration issue
>
> I have setup a Fedora 9 desktop for network login/authentication, user
> info = LDAP, Authentication = Kerberos,
> options = "make /home/$username if folder is not there"
> test user account I setup = "btestuse" with the WebGUI
> I ran the following on desktop "kinit btestuse" , "klist", the account
> i made that works
>
> it asked me to change my password and I made a new one.
> it looked like it was bring up the desktop but just seemed to hang ( I
> can Ctrl-Alt-F1 and back with Ctrl-Alt-F7 )
>
> Are there missing steps not currently in the documentation for setup a client?
> Would I have to do something like the following so that logging in via
> the network account will make a /home/$username folder?
> or something like adding a windows computer to AD so the desktop lets
> the creation of that user folder/profile complete?
>
> # kinit admin
> # ipa-addservice host/desktop.example.com
> # ipa-getkeytab -s ipaserver.example.com -p host/desktop.example.com
> -k /etc/krb5.keytab
>
>
>
>
> here are some logs from the server and client
>
>
> From a Fedora 9 desktop ( ipacf9.test.net 192.168.1.75 )
>
> May 19 18:24:55 ipacf9 gconfd (btestuse-2741): Failed to open saved
> state file: Failed: Failed to open gconfd logfile; won't be able to
> restore listeners after gconfd shutdown (No such file or directory)
> May 19 18:24:55 ipacf9 gconfd (btestuse-2741): GConf server is not in
> use, shutting down.
> May 19 18:24:55 ipacf9 gconfd (btestuse-2741): Could not open saved
> state file '/home/btestuse/.gconfd/saved_state.tmp' for writing: No
> such file or directory
> May 19 18:24:55 ipacf9 gconfd (btestuse-2741): Exiting
>
>
> Server side
>
> - Fedora 9-
> May 19 18:35:45 freeipa.test.net krb5kdc[1813](info): AS_REQ (7 etypes
> {18 17 16 23 1 3 2}) 192.168.1.75: NEEDED_PREAUTH: btestuse at TEST.NET
> for krbtgt/TEST.NET at TEST.NET, Additional pre-authentication required
> May 19 18:35:45 freeipa.test.net krb5kdc[1813](info): AS_REQ (7 etypes
> {18 17 16 23 1 3 2}) 192.168.1.75: ISSUE: authtime 1211236545, etypes
> {rep=18 tkt=18 ses=18}, btestuse at TEST.NET for krbtgt/TEST.NET at TEST.NET
>
More information about the Freeipa-devel
mailing list