account management across multiple subnets

Shane Hathaway shane at hathawaymix.org
Tue Oct 23 15:39:21 MDT 2007


Kyle Waters wrote:
>     We are using ldap for authentication.  So that part is easy, but 
> then I need to create the users home directories on an nfs server that 
> hosts home directories for the central server in the home office.  I 
> also need to create a home directory on the samba server in the 
> appropriate remote location.  Then when their account is deleted I need 
> to delete both directories and their mail file.

For directory creation, you might use pam_mkhomedir, which automatically
creates a home directory when a new user logs in.

http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_mkhomedir.html

I just enabled this on a Debian etch system.  It seems to work quite
well.  All I had to do was add the following line to
/etc/pam.d/common-account:

session  required  pam_mkhomedir.so skel=/etc/skel/ umask=0022

As for directory deletion, I would guess that would better be done by
hand, if at all.  In many cases, you'll want to back up the files before
removal, since the home directories could easily have customer data or
other information valuable to the company.

Shane



More information about the PLUG mailing list