Fedora Directory Server + Users HomeDir
Snake007uk
2008-08-08, 07:05 PM CDT
Hi,
I have the following issue and I am hoping someone here can help. I have setup Fedora-DS, I basically want to set it up so that it does the following.
All client machines authenticate against Fedora-DS server (I have this working)
When user logs on his home dir is mounted via NFS to the client machine.
However, if I create a new user I don't want to be creating the homedir on the NFS server each time (can this be avoided)?
I have issues with the following:
1) Getting a new user Homedir created automatically on the NFS share (if this is possible)
2) Getting the client machines to automount the users homedirs when they login. (Home dirs should be owned by the user).
I have seen a few posts about schema addon etc... Is this still required? If so, can someone please give detailed instructions on where to put the files etc....
This is a test setup and I will eventually have two Fedora-DS servers which will replicate authentication data etc... and they will be located on two sites. All clients will use their local server; only in the event of a failure can they use the backup at the other site. (Instructions for this would be much appreciated.)
Regards
oneofmany
2008-08-09, 02:19 AM CDT
you don't necessarily require an additional schema add-on if you just want the directory to be /home/<login> name.
how to go about doing this depends upon the clients in question and how they are authenticating.
if the clients are windows then the domain controller can be setup to execute a script on login. In this instance it would seem that your linux box, via samba, should be a domain controller.. if you had a windows one you wouldn't need fds because you'd have ad.
if the clients are not windows, which makes more sense if you want to mount an nfs drive (can't with windows out of the box) then you could just add the pam_mkhomedir and pam_mount to your pam configurations.
Snake007uk
2008-08-09, 04:51 AM CDT
ok, all my clients are linux boxes.
The idea is simple, central authentication, and central homedirs. Users logon to any server(clients) and they get their homedir mounted via NFS from central server.
The central authentication is easy to set up; however, getting ldap and client machines to mount the homedirs is a problem.
Also, when creating the user on the LDAP server (which is also the NFS central homedir server), would FDS using pam_mkhomedir create the homedir?
Is there a simple, straightforward howto on this? I can't seem to get automount and working via ldap etc...
oneofmany
2008-08-09, 05:36 AM CDT
fds is just a directory service. it doesn't do anything more than that.
your authentication system, which could be anything but is usually configured to use pam (pluggable authentication modules), basically consults the directory, via a pam_ldap module to retrieve username and either attempt login with supplied password or compare password hashes to verify the login.
the pam modules i mentioned would then allow you to make sure the home directory existed and that an nfs mount was created when the user logged in.
the complexities come with how you want to configure the logging in. it sounds to me like you're trying to replicate domain controller functionality and as such, it might be better to configure samba as a domain controller and have the other systems join the domain.
try http://directory.fedoraproject.org/wiki/Howto:PAM for further details on pam
and http://directory.fedoraproject.org/wiki/Howto:Samba for details on samba
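Added example, not part of the original thread: pam_mkhomedir does its work as root inside the login service on the client, so on an NFS-mounted /home it can only create and chown a new directory if the export does not squash root. The check below parses a constructed /etc/exports and PAM session stack (addresses, paths and option sets are assumptions) and reports that trade-off along with a missing umask.

```python
import re

# Constructed samples (not from the thread): an /etc/exports on the NFS
# server and the session stack of a client's PAM config.
EXPORTS = """\
/home     192.168.10.0/24(rw,sync,no_root_squash) *(rw,sync)
/srv/pub  192.168.10.0/24(ro,sync)
"""
PAM_SESSION = """\
session  required  pam_unix.so
session  required  pam_mkhomedir.so skel=/etc/skel
"""

def parse_exports(text):
    """Yield (path, client, options) for every client entry in exports text."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        for client in fields[1:]:
            m = re.fullmatch(r"([^()]*)(?:\(([^)]*)\))?", client)
            if m:
                opts = set((m.group(2) or "").split(","))
                yield fields[0], m.group(1) or "*", opts

def audit_exports(text, path="/home"):
    """Return findings for writable exports of `path`."""
    findings = []
    for p, client, opts in parse_exports(text):
        if p != path or "rw" not in opts:
            continue
        if "no_root_squash" in opts:
            findings.append(f"{p} {client}: no_root_squash, client root is root on the share")
        if client == "*":
            findings.append(f"{p} {client}: writable by any host that can reach the server")
    return findings

def mkhomedir_umask(pam_text):
    """umask passed to pam_mkhomedir; 'default' if unset, None if module absent."""
    for line in pam_text.splitlines():
        fields = line.split("#", 1)[0].split()
        pos = [i for i, f in enumerate(fields) if f.endswith("pam_mkhomedir.so")]
        if fields[:1] == ["session"] and pos:
            args = dict(a.split("=", 1) for a in fields[pos[0] + 1:] if "=" in a)
            return args.get("umask", "default")
    return None

if __name__ == "__main__":
    print("\n".join(audit_exports(EXPORTS)))
    print("pam_mkhomedir umask:", mkhomedir_umask(PAM_SESSION))
```

A result of `default` means the module's built-in umask applies (0022 per its man page), which leaves new home directories readable by other users.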
Snake007uk
2008-08-09, 05:55 AM CDT
I think I got it now,
Basically I can login via LDAP which works, I just need to configure the pam module you mentioned to create users home dir (which will be NFS mounted via NFS).
The client machines will create the user home dir with uid/gid received from ldap. So hopefully that problem should be sorted.
The only issue I have now: is there a way to create automatic posix UID/GID, so users don't have the same ID by accident?
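Added example, not part of the original thread: NFS with the usual sec=sys trusts the numeric UID a client presents, so two LDAP accounts that share a uidNumber own each other's files on the share. The script below audits an LDIF dump for duplicates and for IDs that fall in the local system range, and proposes the next number above the highest in use; the LDIF sample and the `floor` of 5000 are constructed assumptions.

```python
from collections import defaultdict

# Constructed LDIF, in the shape ldapsearch prints posixAccount entries;
# the DNs and numbers are made up for this example.
LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
uidNumber: 5001
gidNumber: 5001

dn: uid=bob,ou=People,dc=example,dc=com
uidNumber: 5002
gidNumber: 5002

dn: uid=carol,ou=People,dc=example,dc=com
uidNumber: 5001
gidNumber: 5003

dn: uid=backup,ou=People,dc=example,dc=com
uidNumber: 34
gidNumber: 34
"""

def uid_map(ldif):
    """Map each uidNumber to the DNs that carry it (plain 'attr: value' lines)."""
    ids, dn = defaultdict(list), None
    for line in ldif.splitlines():
        key, _, val = line.partition(": ")
        if key == "dn":
            dn = val
        elif key == "uidNumber" and dn:
            ids[int(val)].append(dn)
    return ids

def audit_uids(ldif, floor=5000):
    """Return (duplicates, below_floor, next_uid) for a directory dump.

    floor is a site-chosen lower bound (an assumption here) that keeps
    directory IDs clear of accounts defined in each client's /etc/passwd.
    """
    ids = uid_map(ldif)
    dup = {n: dns for n, dns in ids.items() if len(dns) > 1}
    low = {n: dns for n, dns in ids.items() if n < floor}
    # Allocate above the highest ID in use instead of filling gaps, so a new
    # account does not pick up files left on the share by a removed one.
    next_uid = max([floor - 1, *ids]) + 1
    return dup, low, next_uid

if __name__ == "__main__":
    dup, low, next_uid = audit_uids(LDIF)
    print("duplicate uidNumbers:", dup)
    print("below floor:", low)
    print("next uidNumber:", next_uid)
```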
tornadof3
2008-08-09, 05:55 AM CDT
A solution here is to just export the /home directory of the central server via NFS. Then, have all of the client machines automatically mount the server /home as local /home. That way, once a user has logged in (which as you say is already working fine), their /home/username files are already mounted and working and because they have logged in they should thence have access permissions to use them.
oneofmany
2008-08-09, 06:01 AM CDT
> A solution here is to just export the /home directory of the central server via NFS. Then, have all of the client machines automatically mount the server /home as local /home. That way, once a user has logged in (which as you say is already working fine), their /home/username files are already mounted and working and because they have logged in they should thence have access permissions to use them.
the issue with that is that the home directories may not exist, which was stated in the first part of the post :)
Snake007uk
2008-08-09, 11:51 AM CDT
Ok,
So I have been documenting my installation for Fedora DS on CentOS 5 (since CentOS Directory Server is still in testing). The installation is straightforward and I am now up to configuring NFS on the server side, then configuring automount (ideally I would like the automount configuration on the ldap server rather than configuring each client).
Once this is working, I can then work on placing the pam_mkhomedir module to auto create user home directories on first login.
Please check out my documentation :)
http://wiki.unixcraft.com/display/MainPage/Fedora+Directory+Server