LDAP not creating home directories

Bliss, Aaron ABliss at preferredcare.org
Mon Jan 23 04:12:55 UTC 2006


I'm trying to get home directories to be created with clients that are
authenticating against my LDAP server; however, for some reason adding

      session required pam_mkhomedir.so skel=/etc/skel/ umask=0077

to /etc/pam.d/sshd doesn't seem to do the trick on my Red Hat 4 boxes; this
actually works great on my CentOS 4.2 and Red Hat 3 boxes.  Any ideas?
Thanks very much.

Aaron

-----Original Message-----
From: Ryan Golhar [mailto:golharam at umdnj.edu] 
Sent: Sunday, October 16, 2005 10:11 AM
To: 'General Red Hat Linux discussion list'
Subject: RE: LDAP not creating home directories

LDAP won't create the home directories for you.  However, the home
directory can be automatically created when a user first logs in.

For login services except SSH, add the pam_mkhomedir.so module to the
PAM configuration file for the service, /etc/pam.d/login, for example:

      session required pam_mkhomedir.so skel=/etc/skel/ umask=0077

If a user authenticates and no home directory exists, the home directory
is created in /home. The umask=0077 parameter causes the directory
permission to be set to 700. The home directory is constructed from the
skeletal files found in the /etc/skel directory.

The other option is to create the home directory yourself.  This is what
I do because of our setup.

Ryan

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Stuart Sears
Sent: Sunday, October 16, 2005 7:59 AM
To: General Red Hat Linux discussion list
Subject: Re: LDAP not creating home directories


Allen Chen enlightened us with the following gems on 14/10/05 18:46:
> Geetha Thanu wrote:
> 
>> Hello Gurus,
>>
>> LDAP server and clients are installed, and using an ldif file I am able
>> to create a user successfully.
>>
>> But the home directory is not being created.
>>
>> So please guide me on what I should do and what configuration changes
>> have to be made if I want LDAP to create the home directory
>> automatically.
>>
>> thanks Geetha
>>
> Could you post the smb.conf file?
> 
um... why?
smb.conf is the Samba configuration file and has little (or nothing) to
do with LDAP. I would ask...
1) do the home directories already exist on a network device, so that
you only need them mounted locally? autofs can be set up to use LDAP as
well - so that would enable those.
2) if not, do you need to create a *local* directory whenever a user
logs in? Look in /usr/share/doc/pam-0* for the pam_mkhomedir module,
which can do this for you.

Regards

Stuart
--
Stuart Sears RHCE RHCX
DPRINTK("doing direct send\n"); /* @@@ well, this doesn't work anyway */
        linux-2.6.6/drivers/atm/eni.c

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
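
Added example, not part of the original thread: a small audit of a PAM service file for the pam_mkhomedir session line discussed above, reporting the directory mode each umask= value produces. The function name audit_mkhomedir and the sample file are constructed for illustration; the fallback values (umask 0022, skel /etc/skel) are the module's documented defaults and are treated here as assumptions.

```python
import os
import re

DEFAULT_UMASK = 0o022        # assumed: documented default when umask= is absent
DEFAULT_SKEL = "/etc/skel"   # assumed: documented default when skel= is absent

# type, control (single word or [bracketed] form), module path, arguments
PAM_LINE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

# Constructed sample in the style of /etc/pam.d/sshd
SAMPLE = """\
#%PAM-1.0
auth       required     pam_unix.so
session    required     pam_mkhomedir.so skel=/etc/skel/ umask=0077
session    optional     /lib/security/pam_mkhomedir.so
#session   required     pam_mkhomedir.so umask=0000
"""

def audit_mkhomedir(pam_text):
    """Return one finding per active session line that loads pam_mkhomedir.so."""
    findings = []
    for lineno, raw in enumerate(pam_text.splitlines(), 1):
        m = PAM_LINE.match(raw.split("#", 1)[0].strip())  # ignore comments
        if not m or m.group(1) != "session":
            continue
        if os.path.basename(m.group(3)) != "pam_mkhomedir.so":
            continue
        args = dict(a.partition("=")[::2] for a in m.group(4).split())
        try:
            umask = int(args["umask"], 8) if "umask" in args else DEFAULT_UMASK
        except ValueError:
            findings.append({"line": lineno, "error": "bad umask " + args["umask"]})
            continue
        mode = 0o777 & ~umask            # directory mode left after masking
        findings.append({
            "line": lineno,
            "control": m.group(2),
            "skel": args.get("skel", DEFAULT_SKEL),
            "mode": mode,
            "private": (mode & 0o077) == 0,   # no group/other access
        })
    return findings

if __name__ == "__main__":
    for f in audit_mkhomedir(SAMPLE):
        print(f.get("error") or "line %d: mode %o private=%s skel=%s"
              % (f["line"], f["mode"], f["private"], f["skel"]))
```
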
