On Wed, Mar 27, 2013 at 11:10:37AM -0400, Sutton, Harry (GSE) wrote: > On 03/27/2013 10:46 AM, Stephen Gallagher wrote: > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >On Wed 27 Mar 2013 10:14:21 AM EDT, Sutton, Harry (GSE) wrote: > >>Okay, on my Fedora 18 laptop, I can login to my system as an > >>Active Directory user (sssd-ad), both via ssh from a remote system > >>and locally through one of the console (Ctrl-Alt-F2) screens. (I > >>haven't succeeded in getting the GDM login process to work yet.) > >>But in both login cases, I end up in / as my current directory; the > >>home directory does not get created. > >> > >>The oddjobd daemon is running, and I have an entry for > >>pam_oddjob_mkhomedir in /etc/pam.d/system-auth, (and it shows as > >>'enabled' in the output of authconfig --test) but the directory > >>isn't created on login. I apologize if this question has been asked > >>and answered before, but I'm under some time pressure to complete > >>a training seminar here at HP for making RHEL / AD Integration work > >>and I don't have the time to sift through the list archives. > >> > >>I can provide configuration files and debug log output on request, > >>but I've gone through most of it and haven't found an obvious cause > >>for this problem. Any suggestions would be greatly appreciated. > >> > >Check whether a home directory is listed when you run 'getent passwd > ><username>' for a valid user. It should look something like below: > > > >sgallagh:*:99999:99999:Stephen Gallagher:/home/sgallagh:/bin/bash > > > > > >If you don't have a home directory between the GECOS and shell fields > >in that output, it probably means that you don't have a > >unixHomedirectory specified in ActiveDirectory. In that case, you > >probably want to set the option: > >fallback_homedir = /home/%u > > > >(See sssd-ad(5) for more detail on the options that can take). This > >will tell SSSD to assign a home directory according to that template > >if it's not offered by AD. (AD's version will override this if it > >becomes set. If you don't want that, we also have the override_homedir > >option which forces the local version to win) > >-----BEGIN PGP SIGNATURE----- > >Version: GnuPG v1.4.13 (GNU/Linux) > >Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > > >iEYEARECAAYFAlFTBk8ACgkQeiVVYja6o6O/LwCeKrF463XIee8ru8SJi/9YyO7O > >sNQAniepvUimWXxu3e4RERUHoJwJo9An > >=lsMu > >-----END PGP SIGNATURE----- > >_______________________________________________ > >sssd-users mailing list > >[email protected] > >https://lists.fedorahosted.org/mailman/listinfo/sssd-users > Thanks, Stephen - that solved the directory problem. I had tried > manually enforcing creation with 'create_homedir = true', which is > the default behavior, but it didn't occur to me to set > fallback_homedir. >
create_homedir is an option that is only valid for a domain that has id_provider set to "local". We keep the option for the local domain in the main sssd.conf file and they keep confusing users. We should split them or explain them better: https://fedorahosted.org/sssd/ticket/1850 > My AD entry does have an LDAP attribute of "homeDirectory" but not > "unixHomedirectory". > Then you can override the default by setting: ldap_user_home_directory = homeDirectory > I have a couple other questions to ask, but rather than pollute this > topic thread I'll post another message to the list. Thanks a million > for the quick turnaround. > > /Harry > _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
