SSSD 1.11 and AD homeDirectory

Simo Sorce simo at
Wed Sep 11 21:32:29 UTC 2013

On Wed, 2013-09-11 at 15:26 -0500, Jeffrey Ollie wrote:
> On Wed, Sep 11, 2013 at 3:07 PM, Simo Sorce <simo at> wrote:
> >
> > Almost certainly you do not want a home directory backed by a cifs
> > filesystem, however if you really do I suggest you configure autofs and
> > cifs with multi-user mounts on your machine.
> It's not a question of "want", I'm trying to integrate a Fedora
> desktop(s) as seamlessly as possible into an existing Active Directory
> environment, and that means having a user's personal files accessible
> as seamlessly as possible. 

Having a 'separate' path accessible, and using a Windows share as the
home directory for a unix-like machine are quite different things.
Not even windows machine have their profile on a network share.

>  The new AD support in SSSD 1.11 means that
> the AD admins don't need to extend the AD schema and maintain the new
> attributes.

I know I helped build that.

> > You will not be able to have the home directory be specified by the AD
> > server though unless you want to cleverly use the unixHomeDirectory
> > attribute (and your windows admin properly populates it for each user).
> The actual attribute in AD is "homeDirectory" and is populated with
> UNC paths to the user's home directory.

That's the windows attribute yes, and homeDrive has the drive letter to
use (IIRC).

>   I'll have to dig into autofs to see if it can do what I want.

autofs won't have access to the arbitrary UNC stored in AD, but it may
be a good feature request for SSSD.
We do have autofs support in SSSD, maybe we could have some special
module for AD to fake up an autofs configuration out of the Windows
homeDirectory for use with a cifs mount point.

May be worth opening a RFE upstream.


Simo Sorce * Red Hat, Inc * New York

More information about the devel mailing list