SCIENTIFIC-LINUX-USERS Archives

July 2007

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Authentication with Active Directory
From:
Kong <[log in to unmask]>
Reply To:
Kong <[log in to unmask]>
Date:
Tue, 24 Jul 2007 13:52:50 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (43 lines) 
I use winbind for authentication, and oddjob for auto creation of home
directories.



Winbind AD configuration:

http://redmondmag.com/columns/article.asp?EditorialsID=858


For automatic creation of home directories :

(from http://www.redhat.com/magazine/024oct06/features/tips_tricks/index.html)
(replace up2date with yum)

To create home directories on-the-fly, use pam_oddjob_mkhomedir
instead. In this case, the directory creation will be handled by a
D-Bus service running as root instead.
To put it in place follow the steps below:

    * Update the oddjob package:

      up2date -i oddjob

    * Restart D-Bus, this might require to restart some services that
rely on D-Bus, such as hal:

      #service messagebus restart

    * Start the oddjob service:

      #service oddjobd restart

    * Make sure it runs on startup:

      #chkconfig oddjobd on

    * Modify the PAM configuration to use pam_oddjob_mkhomedir. For
example, add this line at the bottom of /etc/pam.d/system-auth:

      session required /lib/security/$ISA/pam_oddjob_mkhomedir.so
skel=/etc/skel/ umask=0022

ATOM RSS1 RSS2