Automatic AD user directory creation/mapping
 

I have successfully configured a Fedora Core 2 machine to authenticate off our school's Win2K Active Directory server. But, when I enter a random user's account name and password, Fedora tells me the user's home directory in /home does not exist. If I create a home directory, then the login process completes successfully. With 160 users, this manual process does not appeal to me much.

I know there is way to automate the process (create a new user home directory upon login/authentication), but my searches have not turned up anything real clear.

Alternatively, is it possible to automatically map the user's network folder on the Windows server on the Fedora box?

Thanks.

Hey
I'm afraid I can't help, however, I am interested to know how to do this. I have a server (on which all user data is stored) and a couple of people use my desktop. Therefore, I wanted them to be able to log onto my desktop and the desktop to automatacally load their /home/user folder from the server.

Both of my machines are linux.

hamish

Well, I have made some progress. After more time spent googling (really, should it be this hard to get a basic question answered), I discovered one must add lines to files in the pam.d directory to automate the /home/domain/username directory creation.

This goes into /etc/pam.d/system-auth:
-------------------------------------------------------------
session required pam_mkhomedir.so skel=/etc/skel umask=0022

Now my problem is I have the directories, but the users cannot log in. This message appears after the creation of the directories: "The system administrator has disabled your account."

Further investigation has so far turned up no solution.
:(

hamish --

Look for info regarding pam_mount . This will apparently mount the user's Windows network directory. I may go that way myself, if I cannot get this other problem licked.

It could be that the "template shell" in Samba is set to one that doesn't allow a login (e.g. /bin/false rather than /bin/bash).

My bad ...

After restarting the machine, I was able to log in successfully. I changed /bin/false to /bin/bash, even before I read your post, but I forgot to restart samba and network services after making the change.

In reading up on PAM, I did notice that the order of the lines in /etc/pam.d/login and system.auth does make a difference. Just to play it safe, I moved the make directory command first in the session listings.

Still working on the network mounts, but I am much happier now that I have a working Fedora system in my school's computer lab.

Probably a good idea. I found that logins will fail with a mess of errors if the user's home directory doesn't exist *before* the shell/desktop environment starts to load.