nasir nasir wrote:

I tried to follow your recommendations with RHEL 6.1 beta on server and
client machine. Centralized login and such things work. I have NFS
service too working. But automount is not working. For the time being I
configured my server as NFS server and created a folder /export as a
share for creating home folder. I have * *enabled
in pam files for autocreation of home folders. Now I can manually mount
the /export nfs share on the server and the client successfully. But
when I do that on server for testing and try to login as a new user(e.g
abc), it is not creating home folder. It gives the following error,

*oddjob-mkhomedir[16401]: error setting permissions on /home/abc:
Operation not permitted*

I have given 777 for my /export and rw permission in /etc/export. Output
of the command *ipa automountlocation-tofiles default*.

*/- /etc/*
*/share /etc/auto.share*
*/home /etc/auto.home*
** -rw,nfs4,sec=krb5,soft,rsize=8192,wsize=8192*
* *
I tried reading many docs(RHEL deployment guide, google, FreeIPA doc
etc). The problem is that they are confusing and conflicting in many cases.

Please advice me how to proceed.

I'd start with system error logs: /var/log/messages, /var/log/secure, /var/log/audit/audit.log


Thanks and Regards,


                OK, I'd probably do something like this: After
                install IPA, add one host as an IPA client with the
                following switch: --mkhomedir,, something like
                ipa-client-install --mkhomedir -p admin. Then, mount
                the directory that you are going to use a /home on
                that machine. Once you create users in IPA, the
                first time you log in as that user, do so from that
                client, and it will attempt to create the home
                directory for you. This should be the only machine
                that has permissions to create directories under
                /home. Now, create an automount location and map,
                and create a key for /home

                The instructions from our test day should get you


Freeipa-users mailing list

Freeipa-users mailing list

Reply via email to