Displaying 15 results from an estimated 15 matches for "pam_oddjob_mkhomedir".
2010 Jun 15
0
how to set up pam_oddjob_mkhomedir (samba and ldap)?
Hi,
I do have a samba server up and running and users are authenticated by ldap.
Login to the samba server works as long as the user has a home directory.
Now if I create a new ldap entry for an user I'd like to use
pam_oddjob_mkhomedir to create a home directory if it dose not exist on
login.
But something fails on my system.
I followed the redhat faq http://kbase.redhat.com/faq/docs/DOC-3973
which may be wron according to that bugzilla entry.
https://bugzilla.redhat.com/show_bug.cgi?id=429524
So I added
session optional...
2019 Oct 10
2
how to automatically create the home directory
>
> > If you're on a RedHat system with selinux (RHEL, CentOS, fedora), then
> > it looks like
> > <https://danwalsh.livejournal.com/69837.html> pam_oddjob_mkhomedir
> > will create the home directories for you and also ensure that the
> > correct selinux labels are applied. I have this on my todo list, as
> > I'm currently using the ADUC method, which is labour intensive.
>
> This will only create the home directories if the user l...
2019 Oct 10
2
how to automatically create the home directory
If you're on a RedHat system with selinux (RHEL, CentOS, fedora), then it
looks like <https://danwalsh.livejournal.com/69837.html> pam_oddjob_mkhomedir
will create the home directories for you and also ensure that the correct
selinux labels are applied. I have this on my todo list, as I'm currently
using the ADUC method, which is labour intensive.
--
Mason
On Thu, 10 Oct 2019 at 03:27, Rowland penny via samba <samba at lists.samba.org&...
2007 Aug 07
2
CentOS5 pam_mkhomedir
I have a problem creating homedirs on the fly. Since RHEL5 / CentOS5 you have to
use pam_oddjob_mkhomedir instead of pam_mkhomedir.
Everything is working (the homedir is created) but two things.
First on every logon I get the following error message, and I don't know how to
fix it:
org.freedesktop.DBus.Error.ServiceUnknown: The name com.redhat.oddjob was not
provided by any .service files
Second...
2015 Feb 24
2
Replacement for NIS/NFS?
...EL6 clients are fully
compatible with EL7 servers and vice versa.
>> 2. Home directories should be created/deleted automagically under the
>> hood.
> You can use pam_mkhomedir to create them, but archiving or deleting home
> directories would be a manual process.
You should use pam_oddjob_mkhomedir for that, it requires fewer
privileges and integrates nicely with SELinux.
>> 3. Every user should be able to login on any machines and find his or
>> her files and preferences.
> You can continue using NFS for that.
FreeIPA also supports automount/autofs.
You should check out the...
2019 Apr 11
0
LMTP, PAM session and home directory autocreation
...euid=174000327(testuser) egid=174000327(testuser
) missing +w perm: /home, dir owned by 0:0 mode=0755)
Apr 9 13:01:55 mailhost dovecot: lmtp(2935): Disconnect from local: Successful quit
The error above seems expected, because it is not LMTP agent's job to create user's home directory but pam_oddjob_mkhomedir.so module should do that.
Right?
And there are common PAM log entries for every user session:
Apr 9 13:24:42 mailhost auth: pam_sss(dovecot:auth): authentication success; logname= uid=0 euid=0 tty=dovecot ruser=validuser rhost=::1 user= validuser
Apr 9 13:24:42 mailhost auth: pam_unix(dovecot:s...
2019 Apr 09
0
LMTP, PAM session and home directory autocreating
...euid=174000327(testuser) egid=174000327(testuser
) missing +w perm: /home, dir owned by 0:0 mode=0755)
Apr 9 13:01:55 mailhost dovecot: lmtp(2935): Disconnect from local: Successful quit
The error above seems expected, because it is not lmtp agent's job to create user's home directory but pam_oddjob_mkhomedir.so module should do that. Right?
And there are log entries every PAM user session:
Apr 9 13:24:42 mailhost auth: pam_sss(dovecot:auth): authentication success; logname= uid=0 euid=0 tty=dovecot ruser=validuser rhost=::1 user= validuser
Apr 9 13:24:42 mailhost auth: pam_unix(dovecot:session): se...
2015 Feb 24
0
Replacement for NIS/NFS?
...EL7 servers and vice versa.
>
> 2. Home directories should be created/deleted automagically under the
>>> hood.
>>>
>> You can use pam_mkhomedir to create them, but archiving or deleting home
>> directories would be a manual process.
>>
> You should use pam_oddjob_mkhomedir for that, it requires fewer privileges
> and integrates nicely with SELinux.
>
> 3. Every user should be able to login on any machines and find his or
>>> her files and preferences.
>>>
>> You can continue using NFS for that.
>>
> FreeIPA also supports aut...
2019 Oct 10
0
how to automatically create the home directory
On 10/10/2019 13:05, Mason Schmitt wrote:
>
> > If you're on a RedHat system with selinux (RHEL, CentOS,
> fedora), then
> > it looks like
> > <https://danwalsh.livejournal.com/69837.html>?pam_oddjob_mkhomedir
> > will create the home directories for you and also ensure that the
> > correct selinux labels are applied.? I have this on my todo
> list, as
> > I'm currently using the ADUC method, which is labour intensive.
>
> This will only create the home...
2020 Jul 28
0
kerberos ticket on login problem
....so sha512 shadow nullok
try_first_pass use_authtok
password??? sufficient??? pam_winbind.so use_authtok
password??? required????? pam_deny.so
session???? optional????? pam_keyinit.so revoke
session???? required????? pam_limits.so
-session???? optional????? pam_systemd.so
session???? optional????? pam_oddjob_mkhomedir.so umask=0077
session???? [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session???? required????? pam_unix.so
session???? optional????? pam_winbind.so cached_login
Jason.
2010 Jun 09
2
Samba/LDAP and home dir creation
Hi, all.
I'm working on a project to create a Samba PDC
with LDAP authentication. I've been pretty
successful in getting everything to work.
However, I've run into a small snag:
The PDC is built on an OpenSuse 11.2 box. Most of
the member servers are also OpenSuse 11.2 boxes.
However, a CentOS 5.5 server was just added to
the mix. While users can lo into the CentOS box,
2020 Jul 28
2
kerberos ticket on login problem
I'm experimenting with smb + winbind.
My host is joined to AD and I can login to my host fine using my AD
credentials via SSH.?? The only issue is that I don't get a Kerberos
ticket generated.
In /etc/security/pam_winbind.conf I have:
krb5_auth = yes
krb5_ccache_type = KEYRING
In /etc/krb5.conf, I also have:
default_ccache_name = KEYRING:persistent:%{uid}
Using wbinfo -K jas, then
2019 Oct 10
4
how to automatically create the home directory
Customer asks why [home] doesn't work for a new AD user, turns out the
linux directory doesn't exist on the DM server
How to let that directory be created?
GPO?
I find this:
https://wiki.samba.org/index.php/User_Home_Folders#Using_Active_Directory_Users_and_Computers
but the GPO seems only to create the network drive ... but not the
directory on the samba server itself.
hints?
2015 Feb 23
3
Replacement for NIS/NFS?
Hi,
Over the last few years, I've been using a rather bone-headed solution
to implement centralized authentication and roamin user profiles in
Linux-based networks: a combination of NIS and NFS.
I'm aware it's not ideal in terms of security, but it's been running in
our local school since 2010, and it just works. The current setup is
based on Slackware Linux on both server
2020 Jul 29
1
kerberos ticket on login problem
...first_pass use_authtok
> password??? sufficient??? pam_winbind.so use_authtok
> password??? required????? pam_deny.so
> session???? optional????? pam_keyinit.so revoke
> session???? required????? pam_limits.so
> -session???? optional????? pam_systemd.so
> session???? optional????? pam_oddjob_mkhomedir.so umask=0077
> session???? [success=1 default=ignore] pam_succeed_if.so service in
> crond quiet use_uid
> session???? required????? pam_unix.so
> session???? optional????? pam_winbind.so cached_login
I noticed that wbinfo has a --krb5ccname arg so I tried:
% klist
klist: Credentia...