Automake home dir for ldap user


Automake home dir for ldap user, when first time login, add the bold line below at "/etc/pam.d/system-auth" :


#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 500 quiet
auth        sufficient    pam_ldap.so use_first_pass
auth        required      pam_deny.so
account     required      pam_unix.so broken_shadow
account     sufficient    pam_succeed_if.so uid < 500 quiet
account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
account     required      pam_permit.so
password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
password    sufficient    pam_ldap.so use_authtok
password    required      pam_deny.so
session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so

#Add this line
session     required      pam_mkhomedir.so skel=/etc/skel/ umask=0077
#

session     optional      pam_ldap.so



example:


[root@ketoprak ~]# ssh kura@localhost
kura@localhost's password: 
Creating directory '/home/kura'.
Creating directory '/home/kura/.mozilla'.
Creating directory '/home/kura/.mozilla/extensions'.
Creating directory '/home/kura/.mozilla/plugins'.
Last login: Mon Aug 22 10:23:56 2011 from ketoprak.asik.com

Comments

Popular posts from this blog

authentication failure using SSH pam_unix(sshd:auth): authentication failure;

Howto configure SPLUNK Universal Forwarder

openvpn howto make OCSP server using OpenSSL [Part2]