[Freeipa-users] How to handle users with multiple homedirs on different machines?
Lukas Slebodnik
lslebodn at redhat.com
Wed Jun 3 06:29:20 UTC 2015
On (02/06/15 17:07), swartz wrote:
>I have a environment that spans across multiple physical locations where
>there is a mix of Linux and Solaris workstations/servers. So far we've been
>managing accounts (/etc/password) via Puppet.
>
>Problem: FreeIPA allows to store only one homedir path.
>Q: Is there a way to store/set a different home path based on the system
>that the user is logged into?
>
sssd configuration is quite flexible in this way.
You can override homedir with configuration option
man sssd.conf -> "override_homedir"
However sssd is available just on linux (or FreeBSD)
I'm not sure which clients do you use on Solaris or other
old system, maybe there is a way how to override homedir as well.
Or you can configure home directory attribute to the non-existing
attribute in FreeIPA and use some fallback (if possible)
>As an example, I have user Bob.
>On a Linux box Bob has homedir at /home/b/bob
^
Unfortunatelly, there's no way how to say
sssd to use just first letter from name.
>On a Solaris this is likely /export/home/bob
>While on some other odd system it could be /mnt/nas/users/bob
Different "prefix" for homedir "/export/home", "/home", "/mnt/nas/users"
could be addresed with the option homedir_substring in sssd conf.
https://fedorahosted.org/sssd/ticket/1853
So you could store "%H" in ldap attribute,
but clients need to understand such value.
(sssd >= 1.11.6). I'm not sure about other clients.
LS
More information about the Freeipa-users
mailing list