On 28/08/2020 11:29, Alexander Bokovoy via FreeIPA-users wrote:
On pe, 28 elo 2020, Giulio Casella wrote:
The goal is to create users' home directory.
My setup is a (existing) AD architecture, with FreeIPA trusted with it.
Linux workstations (Fedora based) are joined to ipa, authentication
and authorization work great, but I've no way to auto create home
directory for them.
I was thinking to (nightly) run a script that list AD users and create
unexisting home directories (mkhomedir_helper). Doing it by hand is
not a way, users are tens of thousands.
So you mean the only way is to interact with AD guys (argh!)?
I assume that by 'home directories' above you are refering to
network-mounted home directories. Is that correct?
Yes, that's correct (they reside on a NFS share, automounted at logon).
And that is the origin of the pain...
For local home directories a combination of oddjob and
pam_mkhomedir_oddjob already takes care for autocreating the directories
at logon time.
In Fedora this is set with
authselect enable-feature with-mkhomedir
when sssd profile is chosen.
On 26/08/2020 19:07, Alexander Bokovoy via FreeIPA-users wrote:
On ke, 26 elo 2020, Giulio Casella via FreeIPA-users wrote:
Hi,
I have a FreeIPA setup, in trust with an AD domain.
Is there a way to list trusted users (e.g. belonging to AD domain)
using FreeIPA (for instance with api)?
I only managed to list local users only (currently only "admin" user
in my setup).
I have no access to AD domain, so I can only perform operation in IPA.
No, it is not available and not possible to list. What would be a reason
for listing potentially unbound list of users that aren't exist in
FreeIPA itself?
--
Giulio Casella giulio at di.unimi.it
System and network architect
Computer Science Dept. - University of Milano
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
