Hey guys.
I've just started experimenting with LDAP through classes I'm taking.
And I came across a problem that I seem to not be able to solve.
Here is the deal.
At first, I created few user account, local ones, on the computer that's supposed to be ldap server. After adding these users, I used migration scripts in Fedora 8 to take out the necessary stuff needed for ldap to function normally with home directories (migrated /etc/passwd,shadow and group). After that, I removed the physical accounts but left the home dirs. After this, I was able to access these accounts by logging in from another computer that was set up as ldap client with autofs/autohome setup. Everything worked flawlessly just as I wanted it.
Then I figured I would create an additional account, manually, just to see how it works. I used the same logic, made sure that the UID/GID didn't conflict with anything existing on the server etc.
Here is how I created an ldif file for a new user (I used the exact same syntax just like one created by migrating scripts, and of course changed necessary stuff to match this one particular account I was about to create).
Code:
dn: uid=newaccount,ou=People,dc=my-domain,dc=com
uid: newaccount
cn: newaccount
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: test123
shadowLastChange: 14203
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 504
gidNumber: 504
homeDirectory: /home/newaccount
the after that - even the group
Code:
dn: cn=newaccount,ou=Group,dc=my-domain,dc=com
objectClass: posixGroup
objectClass: top
cn: newaccount
userPassword: test123
gidNumber: 504
After that, I added the ldif's to the LDAP and it accepted it without compliants, done ldapsearch to verify it was there - everything was okay.
Then, since this is manual creation, I created the home dir according to path above, I made sure to have changed ownership to uid/gid 504 as above.
Then, when I tried to logon from the ldap client, through ssh it went with no problems. Home dir seem to have been accepted too - I could create files and I could clearly see that I was in /home/newaccount (pwd command). However, then I tried to logon through X and it threw me out. Couldn't see any info in the log files (/var/log/messages). However, after inspecting the actual home dir, I found some very strange stuff in the .xsession-errors file which was generated by the unsuccessful X-login:
Code:
Can't create dir /nohome/Desktop
Can't create dir /nohome/Download
Can't create dir /nohome/Templates
Can't create dir /nohome/Public
Can't create dir /nohome/Documents
Can't create dir /nohome/Music
Can't create dir /nohome/Pictures
Can't create dir /nohome/Videos
(gnome-session:4933): libgnomevfs-WARNING **: Unable to create ~/.gnome2 directory: No such file or directory
Could not create per-user gnome configuration directory `/nohome/.gnome2/': No such file or directory
Please note the "/nohome/" part. What could that be? Could PAM be doing something weird?
After that, I redone the manual home-dir creation and I even copied the content from /etc/skel figuring that was the cause of the problems (no default maps present) - still the problem persists.
Very frustrating but hopefully some of you gurus will help me out.
Thanks in advance!
M.
bject_r:user_home_dir_t" is the security context.
