On Fri, 2014-06-20 at 19:51 +0200, Rob Verduijn wrote:
> Considering the root immplications.
> 
> Handing out root to all nfs clients is indeed something that is undesirable.
> However personally I believe manually creating homedirs to be a
> procedure from the previous millenium.
> 
> Can I get freeipa to do this automatically the right way ? (respecting 
> security)

Not yet, because it is complicated, the problem is that the FreeIPA
server doesn't necessarily know "where" the home directories are.
We assume the user want's to provide them from a dedicated NAS or other
NFS Server.

We are tracking the desire to perform operations (like home directory
creation) when a user is created here:
https://fedorahosted.org/freeipa/ticket/2156

In the meanwhile I can suggest using some script in a cronjob on the NFS
Server that fetches the users list from ldap and proceed to create a
home directory from the homeDirectory attribute, if it is missing.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to