I've fixed and improved ldap-createuser-krb5 based on the template users, gosa behavior in bullseye, the gosa-create script as well as above suggestion so that it can now be used to create student/teacher which can successfully login on the server as well as from a workstation in the internal network. The only thing that does not work for the created users is logging into gosa although I've added the gosaAccount which was missing before.
gosa logs the following error: GOsa[unauthenticated]: (view) error : PHP error: ldap_bind(): Unable to bind to server: Invalid credentials (/usr/share/gosa/include/class_ldap.inc, line 240) GOsa[unauthenticated]: (view) error : PHP error: Attempt to read property "dn" on null (/usr/share/gosa/include/class_log.inc, line 59) GOsa[unauthenticated]: (security) login : Authentication failed for user "musma" [from 10.0.2.2] I'm not sure whether this is another problem in gosa or if the LDAP user is still missing something. -- Guido Berhoerster

