[Freeipa-users] How to handle users with multiple homedirs on different machines?

[Alexander Bokovoy]

On Tue, 02 Jun 2015, swartz wrote:
>I have a environment that spans across multiple physical locations where
>there is a mix of Linux and Solaris workstations/servers. So far we've been
>managing accounts (/etc/password) via Puppet.
>
>Problem: FreeIPA allows to store only one homedir path.
>Q: Is there a way to store/set a different home path based on the system
>that the user is logged into?
Yes, this is a feature of FreeIPA 4.1, called ID Views.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/id-views.html

See also my talk at SambaXP this year:
https://www.samba.org/~ab/sambaxp/2015/freeipa_idviews.pdf

While ID Views were designed for supporting Active Directory users
(where you may not have POSIX attributes in the directory), they can be
used for augmenting IPA users too -- just create a separate view and
apply it to the host you need. SSSD has to be recent enough to apply the
view locally at that host.

For Solars and other systems, use compat tree integration.


>
>As an example, I have user Bob.
>On a Linux box Bob has homedir at /home/b/bob
>On a Solaris this is likely /export/home/bob
>While on some other odd system it could be /mnt/nas/users/bob
>
>The contents in each of the above locations differs for Bob.
>
>There are NAS boxes that hold data for specific groups that are mounted on
>few machines only. We can't use NAS as central homedir storage for number
>of reasons. Mounting exported filesystems as subdirs under main homedir
>isn't an option either. Many odd-ball systems don't export their
>filesystems. Mounting all homedirs locations isn't necessary on all
>machines. Performance issues over network., etc, etc.
>
>Is there a way to handle such scenario as outline above? I would welcome
>any input/ideas.


-- 
/ Alexander Bokovoy