To create an LDAP user's home directory automatically at first login, add the bold line below (marked "#Add this line") to "/etc/pam.d/system-auth":
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
# NOTE(review): per the header above, a hand-added line is lost when authconfig
# rewrites this file. authconfig has an --enablemkhomedir option for requesting
# home-directory creation persistently; confirm it is available on your release.

# auth stack: pam_unix (local accounts) is tried first. The requisite
# pam_succeed_if check ends the stack for uid < 500, so pam_ldap is only
# consulted for accounts with uid >= 500.
auth required pam_env.so
# NOTE(review): nullok lets a local account with an empty password authenticate.
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so

# account stack: uid < 500 accounts return success before the pam_ldap check.
account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so

# password stack: quality check, then local password change, then LDAP.
password requisite pam_cracklib.so try_first_pass retry=3
# NOTE(review): md5 selects MD5-crypt for newly set local passwords, and nullok
# permits changing an empty password. pam_unix also accepts sha512 where the
# platform supports it; review both options before reusing this line.
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_deny.so

# session stack.
session optional pam_keyinit.so revoke
session required pam_limits.so
# success=1 skips the next module (pam_unix) when the calling service is crond.
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
#Add this line
# pam_mkhomedir creates the home directory at session start when it is missing
# and populates it from skel=/etc/skel/. umask=0077 leaves the new directory
# without group/other access. As a "required" entry, a failure to create the
# directory fails the session. Everything under the skel directory is copied
# into each new home, so keep it free of secrets and writable only by root.
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
# The pam_ldap session entry below is commented out in this configuration.
# session optional pam_ldap.so
example:
[root@ketoprak ~]# ssh kura@localhost
kura@localhost's password:
Creating directory '/home/kura'.
Creating directory '/home/kura/.mozilla'.
Creating directory '/home/kura/.mozilla/extensions'.
Creating directory '/home/kura/.mozilla/plugins'.
Last login: Mon Aug 22 10:23:56 2011 from ketoprak.asik.com