[Freeipa-users] FreeIPA for Linux desktop deployment

nasir nasir kollathodi at yahoo.com
Thu May 12 19:30:27 UTC 2011 

Adam,
I tried to follow your recommendations with RHEL 6.1 beta on server and client machine. Centralized login and such things work. I have NFS service too working. But automount is not working.  For the time being I configured my server as NFS server and created a folder /export as a share for creating home folder. I have pam_oddjob_mkhomedir.so enabled in pam files for autocreation of home folders. Now I can manually mount the /export nfs share on the server and the client successfully. But when I do that on server for testing and try to login as a new user(e.g abc), it is not creating home folder. It gives the following error,
oddjob-mkhomedir[16401]: error setting permissions on /home/abc: Operation not permitted
I have given 777 for my /export and rw permission in /etc/export. Output of the command ipa automountlocation-tofiles default.

/etc/auto.master:/-      /etc/auto.direct/share  /etc/auto.share/home   /etc/auto.home---------------------------/etc/auto.direct:---------------------------/etc/auto.share:---------------------------/etc/auto.home:*       -rw,nfs4,sec=krb5,soft,rsize=8192,wsize=8192 openipa.cohort.org:/export/home/& I tried reading many docs(RHEL deployment guide, google, FreeIPA doc etc). The problem is that they are confusing and conflicting in many cases. 
Please advice me how to proceed.
Thanks and Regards,Nidal


                                                        Nidal,

                                                        

                                                        OK, I'd probably
                                                        do something
                                                        like this: 
                                                        After install
                                                        IPA, add one
                                                        host as an IPA
                                                        client with the
                                                        following
                                                        switch: 
                                                        --mkhomedir,,
                                                        something like 
                                                        ipa-client-install

                                                        --mkhomedir -p
                                                        admin.   Then,
                                                        mount the
                                                        directory that
                                                        you are going to
                                                        use a /home on
                                                        that machine. 
                                                        Once you create
                                                        users in IPA,
                                                        the first time
                                                        you log in as
                                                        that user, do so
                                                        from that
                                                        client, and it
                                                        will attempt to
                                                        create the home
                                                        directory for
                                                        you.    This
                                                        should be the
                                                        only machine
                                                        that has
                                                        permissions to
                                                        create
                                                        directories
                                                        under /home. 
                                                        Now, create an
                                                        automount
                                                        location and
                                                        map, and create
                                                        a key for /home

                                                        

                                                        The instructions
                                                        from our test
                                                        day should get
                                                        you started:

                                                        

                                                        https://fedoraproject.org/wiki/QA:Testcase_freeipav2_automount

                                                        

                                                        

                                                      
                                                    
                                                  
                                                
                                              
                                            
                                          
                                        
                                        

                                      
                                    
                                  
                                
                              
                            
                          
                        
                        

                      
                    
                  
                
              
            
          
        
      
    
    

  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110512/dbe31e91/attachment.htm>

More information about the Freeipa-users mailing list