Hello Guys,
All, I have configured 389 Server and it's working fine. I can also run this command on the client machine successfully:
    ldapsearch -h 389-ds.sap.com -b "dc=im,dc=sap,dc=com" -L "objectclass=*"
And it does show me all the user statistics like this:
    # extended LDIF
    #
    # LDAPv3
    # base <dc=isst,dc=sapient,dc=com> with scope subtree
    # filter: (objectclass=*)
    # requesting: ALL
    #

    # isst.sapient.com
    dn: dc=im,dc=sap,dc=com
    objectClass: top
    objectClass: domain
    dc: isst

    # Directory Administrators, isst.sapient.com
    dn: cn=Directory Administrators, dc=isst,dc=sapient,dc=com
    objectClass: top
    objectClass: groupofuniquenames
    cn: Directory Administrators
    uniqueMember: cn=Directory Manager

    # Groups, im.sap.com
    dn: ou=Groups, dc=im,dc=sap,dc=com
    ...
    ...
It means 389 Client is configured. Now I added a User called meet on 389 DS Server. I have provided:
    Default Shell: /bin/bash
    User ID: 610
    GroupID: 610
    User name: snal
Now When I try logging into the server through:
    username: meet
    password: ****
It says:
    login as: snalamwar
    snal@10.209.37.77's password:
    Last login: Wed Jan 13 03:00:09 2010 from 10.209.37.146
    Could not chdir to home directory /home/snal: No such file or directory
    -bash-3.2$
Then I manually created a directory under /home as snal:
    mkdir /home/snal
And tried logging in, and this time it does log in.
Is this process correct? Do we need to create the home directory manually? Please suggest.
I am sorry, as I have changed a few names for security purposes. I appreciate your help in this regard.
On Tue, Jan 12, 2010 at 9:43 PM, Ajeet S Raina ajeetraina@gmail.com wrote:
[snip]
You can tweak the PAM configuration for login to use the pam_mkhomedir.so module, which will create the home directory automatically when users log in to client machines.
----- Original Message -----
From: "Ajeet S Raina" ajeetraina@gmail.com
To: 389-users@lists.fedoraproject.org
Sent: Tuesday, January 12, 2010 9:46:08 PM GMT +05:30 Chennai, Kolkata, Mumbai, New Delhi
Subject: Re: [389-users] Doubt regarding 389 Client Home Directory?
[snip]
2010/1/12 Ajeet S Raina ajeetraina@gmail.com:
Hello Guys,
[snip]
Assuming that you are running on CentOS/Redhat, you have a couple options:
1) Run system-config-authentication. Go to the options tab, check the box to create home directories.
2) Set up automount to mount a remote filesystem for the home directory.
Both have advantages and disadvantages. I use mostly option 2, with a few critical machines on option 1.
Kwan, thanks for the options. I have no X Windows installed. But I can easily run:
    authconfig-tui
which doesn't show any home directory creation option. But yes, I can see options like:
    [root@localhost ~]# authconfig --enablemkhomedir
    usage: authconfig [options] <--update|--test|--probe>
    options:
      -h, --help                   show this help message and exit
      --enableshadow, --useshadow  enable shadowed passwords by default
      ...
      winbindusedefaultdomain is not enabled their primary group
      *--enablemkhomedir create home directories for users on their first login*
      --disablemkhomedir           do not create home directories for users on their first login
      --nostart                    do not start/stop portmap, ypbind, and nscd
      --
      --probe                      probe network for defaults and print them
    [root@localhost ~]#
May I know what command I need to type to work out:
    *--enablemkhomedir create home directories for users on their first login*
Please suggest.
Can you elaborate or provide any tutorial for Option 2?
On Tue, Jan 12, 2010 at 9:54 PM, Kwan Lowe kwan.lowe@gmail.com wrote:
[snip]
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
2010/1/12 Ajeet S Raina ajeetraina@gmail.com:
[snip]
--
“It is not possible to rescue everyone who is caught in the Windows quicksand --Make sure you are on solid Linux ground before trying.”
Ajeet,
I would suggest you read guides like http://www.section6.net/wiki/index.php/Setting_up_OpenLDAP_for_Unix_Authenti... found by Googling "pam unix ldap".
While the Red Hat tools can make it easy, in the long run it pays to understand how to configure PAM files, /etc/ldap.conf, nsswitch and other supplemental tools.
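As an added example (not part of the thread or written by any of its participants): a small shell check for a client's PAM session stack that reports whether pam_mkhomedir.so is loaded and whether its `umask=` argument keeps newly created home directories closed to group and other users. The function names and the three sample stack files are constructed for illustration; `umask=` and `skel=` are documented pam_mkhomedir options.

```shell
#!/bin/sh
# Added example, not from the thread. On the CentOS/Red Hat clients discussed,
# "authconfig --enablemkhomedir --update" turns the module on; point the check
# at the resulting stack file, e.g. /etc/pam.d/system-auth.

# Print "absent", "default" (no umask= argument) or the explicit umask value
# of the first active session line that loads pam_mkhomedir.so.
mkhomedir_umask() {
    awk '
        /^[ \t]*#/ { next }                            # ignore commented-out lines
        $1 == "session" || $1 == "-session" {
            mod = 0; um = ""
            for (i = 2; i <= NF; i++) {
                if ($i ~ /(^|\/)pam_mkhomedir\.so$/) mod = 1
                else if (mod && $i ~ /^umask=/) um = substr($i, 7)
            }
            if (mod) { print (um == "" ? "default" : um); seen = 1; exit }
        }
        END { if (!seen) print "absent" }
    ' "$1"
}

# Classify the file: "private" only if the umask strips all group/other bits.
# Without umask= the module default applies (documented as 0022 in Linux-PAM),
# so that case is reported as "shared".
mkhomedir_verdict() {
    um=$(mkhomedir_umask "$1")
    case "$um" in
        absent)   echo "absent" ;;
        default)  echo "shared" ;;
        *[!0-7]*) echo "invalid" ;;
        *) if [ $(( 0$um & 077 )) -eq $(( 077 )) ]; then echo "private"
           else echo "shared"; fi ;;
    esac
}

# Constructed sample stacks (illustrative, not copied from a real host).
SAMPLES=$(mktemp -d)
printf '%s\n' 'session required pam_limits.so' \
    '#session required pam_mkhomedir.so umask=0077' \
    'session required pam_unix.so' > "$SAMPLES/no-mkhomedir"
printf '%s\n' 'session required pam_unix.so' \
    'session required pam_mkhomedir.so skel=/etc/skel' > "$SAMPLES/default-umask"
printf '%s\n' 'session required pam_unix.so' \
    'session required pam_mkhomedir.so skel=/etc/skel umask=0077' > "$SAMPLES/private"

for f in no-mkhomedir default-umask private; do
    printf '%-14s %s\n' "$f" "$(mkhomedir_verdict "$SAMPLES/$f")"
done
```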