On 03/27/2013 10:46 AM, Stephen Gallagher wrote:
Thanks, Stephen - that solved the directory problem. I had tried manually enforcing creation with 'create_homedir = true', which is the default behavior, but it didn't occur to me to set fallback_homedir.-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1On Wed 27 Mar 2013 10:14:21 AM EDT, Sutton, Harry (GSE) wrote:Okay, on my Fedora 18 laptop, I can login to my system as an Active Directory user (sssd-ad), both via ssh from a remote system and locally through one of the console (Ctrl-Alt-F2) screens. (I haven't succeeded in getting the GDM login process to work yet.) But in both login cases, I end up in / as my current directory; the home directory does not get created. The oddjobd daemon is running, and I have an entry for pam_oddjob_mkhomedir in /etc/pam.d/system-auth, (and it shows as 'enabled' in the output of authconfig --test) but the directory isn't created on login. I apologize if this question has been asked and answered before, but I'm under some time pressure to complete a training seminar here at HP for making RHEL / AD Integration work and I don't have the time to sift through the list archives. I can provide configuration files and debug log output on request, but I've gone through most of it and haven't found an obvious cause for this problem. Any suggestions would be greatly appreciated.Check whether a home directory is listed when you run 'getent passwd <username>' for a valid user. It should look something like below: sgallagh:*:99999:99999:Stephen Gallagher:/home/sgallagh:/bin/bash If you don't have a home directory between the GECOS and shell fields in that output, it probably means that you don't have a unixHomedirectory specified in ActiveDirectory. In that case, you probably want to set the option: fallback_homedir = /home/%u (See sssd-ad(5) for more detail on the options that can take). This will tell SSSD to assign a home directory according to that template if it's not offered by AD. (AD's version will override this if it becomes set. If you don't want that, we also have the override_homedir option which forces the local version to win) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlFTBk8ACgkQeiVVYja6o6O/LwCeKrF463XIee8ru8SJi/9YyO7O sNQAniepvUimWXxu3e4RERUHoJwJo9An =lsMu -----END PGP SIGNATURE----- _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
My AD entry does have an LDAP attribute of "homeDirectory" but not "unixHomedirectory".
I have a couple other questions to ask, but rather than pollute this topic thread I'll post another message to the list. Thanks a million for the quick turnaround.
/Harry
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
