We have our domain controller (ipa-server) running on Redhat 7.6 and ipa-clients are running ubuntu 16.04. We are using below command for enrolling these ubuntu machines into the domain controller: ipa-client-install --unattended --domain=example.com --principal=admin --password=changeit@123 --mkhomedir --server=idm.example.com --force-join
When a domain user ssh into any of these ubuntu servers he doesn't see his/her home directory created (although we are using --mkhomedir switch in our enrolment command). We have 150+ servers to fix this problem. Any suggestions.
Thanks, Saurabh Garg
Saurabh Garg via FreeIPA-users wrote:
We have our domain controller (ipa-server) running on Redhat 7.6 and ipa-clients are running ubuntu 16.04. We are using below command for enrolling these ubuntu machines into the domain controller: ipa-client-install --unattended --domain=example.com --principal=admin --password=changeit@123 --mkhomedir --server=idm.example.com --force-join
When a domain user ssh into any of these ubuntu servers he doesn't see his/her home directory created (although we are using --mkhomedir switch in our enrolment command). We have 150+ servers to fix this problem. Any suggestions.
Hard to infer the version of IPA you have but check out https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1336869
rob
From our ansible playbook:
# Make --mkhomedir option work on Ubuntu/Debian - name: Update /usr/share/pam-configs/mkhomedir copy: src: mkhomedir dest: /usr/share/pam-configs/mkhomedir owner: root group: root mode: 0644 backup: yes
- name: Add pam_mkhomedir.so to /etc/pam.d/common-session lineinfile: path: /etc/pam.d/common-session state: present line: 'session required pam_mkhomedir.so skel=/etc/skel/' backup: yes
The contents of /usr/shar/pam-configs/mkhomedir should look like:
Name: Create home directory on login Default: yes Priority: 0 Session-Type: Additional Session-Interactive-Only: yes Session: optional pam_mkhomedir.so
Hope this helps,
John
freeipa-users@lists.fedorahosted.org
-
John Petrini -
Rob Crittenden -
Saurabh Garg