I want to create a new user on my local machine. This machine authenticates via the ldap and krb5 servers of the institution, and it has home directories mounted via nfs. Now the new user, say with id xyz, already has an entry in the ldap server. But he doesn't have a home directory created on the nfs server. So I want to create a home directory for xyz and export it to the local machine, so that the next time xyz logs in to the local machine he will be redirected to his nfs home.
I logged in to the nfs server and checked that xyz has an id like this:
[root@cretaceous home]# id xyz
uid=209228(xyz) gid=1000(access) groups=810691(xyz),1000(access)
[root@cretaceous home]# id -rg xyz
[root@cretaceous home]# id -ru xyz
where 209228 is his id from ldap/krb5 and 810691 is his gid from ldap/krb5. Now if I look up my id, this is what I get:
[root@cretaceous home]# id abc
uid=160855(xyz) gid=764530(abc) groups=764530(abc),829857(umg/dept.res.access.workstations),199(nfs_sudoers)
[root@cretaceous home]# id -rg abc
[root@cretaceous home]# id -ru abc
My real gid is the same as the ldap gid. (I am a member of a special sudoers group, 199.)
1. If I create a home directory named xyz with ownership specified to xyz (no gid specified), will xyz be able to log in via ldap/krb5 to this directory from the local machine?
2. Do I need to create a directory xyz with permission specified by gid, so that when xyz logs on via ldap/krb5 he will have permissions on his home directory?
3. Do I need to create a local group for xyz on the nfs server with a gid the same as the ldap gid? Or do I somehow need to add xyz to group 810691 on the nfs server?
I could have experimented, but as you can guess, I do not have the ldap password for xyz (and obviously I am not the ldap admin). I only know my account credentials, so I cannot check if things worked unless xyz tries to log in and complains! So I am asking the advice of the experts, who can surely tell what to do!
Let me know if I need to give any more details.
Thanks in advance,