Home for LDAP users

English Install/Boot/Login
1

Hi all,
I configured an OpenLDAP server in order to centrally manage users.
Now, I can log into my OpenSuse workstations with LDAP users but they have no home and it is not created when the user logs in.
If I only create the folder under /home, the user is able to login but I have some KDE error.
if I manually create the folder by copying /etc/skel, everything seems ok, but it’s ridicolous I have to create homes for all users on all workstations.
is there a way to automatically create the home when the user logs in?

2

Hi and welcome to the openSUSE Forum
Have you added the following line to /etc/pam.d/common-account?


session    required   pam_mkhomedir.so skel=/etc/skel/ umask=0022
3

I tried right now by adding a line in /etc/pam.d/common-account and it is not working.
Here it is my common-account


account requisite       pam_unix.so     try_first_pass
account sufficient      pam_localuser.so
account required        pam_sss.so      use_first_pass
session required        pam_mkhomedir.so        skel=/etc/skel/ umask=0022

When I try to login it says it cannot enter home directory.
How ever I noticed in the file common-auth that in the comment sections it says:
“This file is autogenerated by pam-config. All changes will be overwritten.”
Should I use pam-config to modify the file?

4

On Tue 26 Jan 2016 02:36:01 PM CST, roberto guerra wrote:

I tried right now by adding a line in /etc/pam.d/common-account and it
is not working.
Here it is my common-account

Code:

account requisite pam_unix.so try_first_pass
account sufficient pam_localuser.so
account required pam_sss.so use_first_pass
session required pam_mkhomedir.so skel=/etc/skel/
umask=0022

When I try to login it says it cannot enter home directory.
How ever I noticed in the file common-auth that in the comment sections
it says:
“This file is autogenerated by pam-config. All changes will be
overwritten.”
Should I use pam-config to modify the file?

Hi
That would be my suggestion, or try using YaST LDAP, it should do
everything for you.


Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
SUSE Linux Enterprise Desktop 12 SP1|GNOME 3.10.4|3.12.51-60.25-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

5

Ok, I have no idea on how to use pam-config :
Moreover in the man page of pam_mkhomedir I found that the file to modify is /etc/pam.d/login. But it’s still not working.

Yast ldap is not existing anymore… :’(

It’s really annoying that an obvious setting like this is not a simple checkbox option…

6

Hi
It exists for 13.2?
https://software.opensuse.org/package/yast2-ldap

7

I mean that it is not like the old LDAP client tool anymore, it’s a new tool called “Authentication client” that is totally different and, for me, is missing some of the old features.

8

GOT IT!!!

The correct file to modify is /etc/pam.d/xdm
Now I can login and the home is created. :good:

Thanks for your help