On Wed, Mar 27, 2013 at 12:11:02PM -0400, Simo Sorce wrote: > On Wed, 2013-03-27 at 16:17 +0100, Jakub Hrozek wrote: > > On Wed, Mar 27, 2013 at 11:10:37AM -0400, Sutton, Harry (GSE) wrote: > > > On 03/27/2013 10:46 AM, Stephen Gallagher wrote: > > > >-----BEGIN PGP SIGNED MESSAGE----- > > > >Hash: SHA1 > > > > > > > >On Wed 27 Mar 2013 10:14:21 AM EDT, Sutton, Harry (GSE) wrote: > > > >>Okay, on my Fedora 18 laptop, I can login to my system as an > > > >>Active Directory user (sssd-ad), both via ssh from a remote system > > > >>and locally through one of the console (Ctrl-Alt-F2) screens. (I > > > >>haven't succeeded in getting the GDM login process to work yet.) > > > >>But in both login cases, I end up in / as my current directory; the > > > >>home directory does not get created. > > > >> > > > >>The oddjobd daemon is running, and I have an entry for > > > >>pam_oddjob_mkhomedir in /etc/pam.d/system-auth, (and it shows as > > > >>'enabled' in the output of authconfig --test) but the directory > > > >>isn't created on login. I apologize if this question has been asked > > > >>and answered before, but I'm under some time pressure to complete > > > >>a training seminar here at HP for making RHEL / AD Integration work > > > >>and I don't have the time to sift through the list archives. > > > >> > > > >>I can provide configuration files and debug log output on request, > > > >>but I've gone through most of it and haven't found an obvious cause > > > >>for this problem. Any suggestions would be greatly appreciated. > > > >> > > > >Check whether a home directory is listed when you run 'getent passwd > > > ><username>' for a valid user. It should look something like below: > > > > > > > >sgallagh:*:99999:99999:Stephen Gallagher:/home/sgallagh:/bin/bash > > > > > > > > > > > >If you don't have a home directory between the GECOS and shell fields > > > >in that output, it probably means that you don't have a > > > >unixHomedirectory specified in ActiveDirectory. In that case, you > > > >probably want to set the option: > > > >fallback_homedir = /home/%u > > > > > > > >(See sssd-ad(5) for more detail on the options that can take). This > > > >will tell SSSD to assign a home directory according to that template > > > >if it's not offered by AD. (AD's version will override this if it > > > >becomes set. If you don't want that, we also have the override_homedir > > > >option which forces the local version to win) > > > >-----BEGIN PGP SIGNATURE----- > > > >Version: GnuPG v1.4.13 (GNU/Linux) > > > >Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > > > > > > >iEYEARECAAYFAlFTBk8ACgkQeiVVYja6o6O/LwCeKrF463XIee8ru8SJi/9YyO7O > > > >sNQAniepvUimWXxu3e4RERUHoJwJo9An > > > >=lsMu > > > >-----END PGP SIGNATURE----- > > > >_______________________________________________ > > > >sssd-users mailing list > > > >sssd-users@lists.fedorahosted.org > > > >https://lists.fedorahosted.org/mailman/listinfo/sssd-users > > > Thanks, Stephen - that solved the directory problem. I had tried > > > manually enforcing creation with 'create_homedir = true', which is > > > the default behavior, but it didn't occur to me to set > > > fallback_homedir. > > > > > > > create_homedir is an option that is only valid for a domain that has > > id_provider set to "local". We keep the option for the local domain in > > the main sssd.conf file and they keep confusing users. We should split > > them or explain them better: > > https://fedorahosted.org/sssd/ticket/1850 > > > > > My AD entry does have an LDAP attribute of "homeDirectory" but not > > > "unixHomedirectory". > > > > > > > Then you can override the default by setting: > > ldap_user_home_directory = homeDirectory > > Not sure this is advisable, what you find in homeDirectory is usually a > string in a form you can't use as a unix home directory, hence why they > also have the explicit unixHomeDirectory attribute.
Ah, sorry, in that case you are right. I was under the impression that in Harry's case it contained the unix home dir. _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
