[Freeipa-users] Re: IPA policy creation
On Wed, 2017-10-11 at 10:41 -0400, Mark Haney wrote: > On 10/10/2017 05:46 PM, Simo Sorce wrote: > > > > > > > > Could you perhaps do something weird with the default shell > > > setting? > > > > probably can use oddjob/oddjob_mkhomedir properly configured on the > > various servers. > > > > Simo. > > > > Actually it was even simpler than that, and goes to show what > happens > when you over-think things. As this was on a server that needed all > home directories to have this symlink, I just added it to the > skeleton > directory. I really feel like an idiot for not thinking about that. > I > haven't had to mess with /etc/skel in so long, it never crossed my > mind > until I read the oddjobd_mkhomedir man page. I hate getting old. > This is what I meant with "properly configured" :-) Simo. -- Simo Sorce Sr. Principal Software Engineer Red Hat, Inc ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: IPA policy creation
On 10/10/2017 05:46 PM, Simo Sorce wrote: Could you perhaps do something weird with the default shell setting? probably can use oddjob/oddjob_mkhomedir properly configured on the various servers. Simo. Actually it was even simpler than that, and goes to show what happens when you over-think things. As this was on a server that needed all home directories to have this symlink, I just added it to the skeleton directory. I really feel like an idiot for not thinking about that. I haven't had to mess with /etc/skel in so long, it never crossed my mind until I read the oddjobd_mkhomedir man page. I hate getting old. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: IPA policy creation
On Tue, 2017-10-10 at 17:36 -0400, Robbie Harwood via FreeIPA-users wrote: > Rob Crittenden writes: > > > Mark Haney via FreeIPA-users wrote: > > > > > Due to people not documenting squat here over years, one of our > > > servers configurations got jacked up when I migrated it from > > > OpenLDAP > > > to IPA. This is a CentOS 6 server that runs RANCID to pull > > > customer > > > edge router configs. The old OpenLDAP setup had a policy in > > > Kerberos > > > that would create a symlink to the RANCID backup directory in the > > > home directory of a new user account upon first login. Is it > > > possible to set this up in IPA? If so, are there docs/how tos on > > > doing this? > > > > > > I would assume it's an IPA policy, but I'm not sure how similar > > > it > > > would be to doing it in OpenLDAP/Kerberos. > > > > > > > Unfortunately there is no way to specify scripts upon user login > > (first or otherwise) in IPA currently. > > Could you perhaps do something weird with the default shell setting? probably can use oddjob/oddjob_mkhomedir properly configured on the various servers. Simo. -- Simo Sorce Sr. Principal Software Engineer Red Hat, Inc ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org