Jim Kronebusch wrote: > On Wed, 29 Aug 2007 15:07:19 -0500, Dan Trockman wrote > >> We are using LDAP / Active Directory (windows 2000 server) to >> authenticate thin client user logins to Edubuntu 7.04. Users can >> successfully log-in if we have already created a user for them >> (manually). >> >> 1. What settings are needed to have home folders created for users >> upon initial login without having manually created an account on the >> edubuntu server if they exist on the LDAP server? >> >> 2. How can we limit the maximum size of a user's home folder? >> >> 3. When initially logging in, how can we have them be part of a >> certain group? Can that group name be generated by AD groups that >> already exist? >> > > I made a howto for my Edubuntu/LDAP setup. I am using Edubuntu and OpenLDAP > for my > setup, but I think a couple things in my howto may help you: > > www.1-cs.com/ubuntu_ldap_howto.txt > > I think specifically this portion of step 12 may help you out: > > sudo vim common-session > Add: > session required pam_unix.so > session required pam_mkhomedir.so skel=/etc/skel/ > session optional pam_ldap.so > session optional pam_foreground.so > > The pam_mkhomedir.so module will create a home directory on login if one > doesn't exist. > I haven't tried this with a Windows server, but it would be worth a shot. I've tried the pam_mkhomedir.so line using Windows 2003 AD, and it works. I also add "umask=0077" to the end of that line, but that might not be needed (if it's the default).
-Rob ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
