hello all

i'm new to linux and i want to build a network that support a central authentication. i've already install and configure my debian etch as ldap server and kubuntu feisty as ldap client using simple ldap authentication and it's work. next, i want my ldap client use ldap server home directory instead of using local home directory and the client just can access his home directory on the server, so i install autofs-ldap for automounting the user home directory from the server. this is the ldif file that i've already enter on my ldap server:

dn: ou=people, dc=insys,dc=local
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=insys,dc=local
objectClass: organizationalUnit
ou: groups

dn: uid=tes01,ou=people,dc=insys,dc=local
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: tes01
sn: joe
givenName: tes01
cn: tes01 Joe
displayName: tes01 Joe
uidNumber: 1001
gidNumber: 10000
userPassword: {MD5}4galTpdpDM5QzIct1w7olg==
gecos: tes01 Joe
loginShell: /bin/bash
homeDirectory: /home/tes01
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: tes01.Joe@insys.local
postalCode: 31000
l: Toulouse
o: Example
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: TJ

dn: cn=example,ou=groups,dc=insys,dc=local
objectClass: posixGroup
cn: example
gidNumber: 10000

dn: ou=admin,dc=insys,dc=local
ou: admin
objectClass: top
objectClass: organizationalUnit

dn: ou=automount,ou=admin,dc=insys,dc=local
ou: automount
objectClass: top
objectClass: organizationalUnit

dn: ou=auto.master,ou=automount,ou=admin,dc=insys,dc=local
ou: auto.master
objectClass: top
objectClass: automountMap

dn: ou=auto_home,ou=automount,ou=admin,dc=insys,dc=local
ou: auto_home
objectClass: top
objectClass: automountMap

dn: cn=/home,ou=auto.master,ou=automount,ou=admin,dc=insys,dc=local
cn: /home
objectClass: top
objectClass: automount
automountInformation: ldap://192.168.2.5u=auto_home,ou=automount,ou=admin,dc=insys,dc=local --timeout=600 --ghost

dn: cn=tes01,ou=auto_home,ou=automount,ou=admin,dc=insys,dc=local
cn: tes01
objectClass: top
objectClass: automount
automountInformation: -fstype=nfs,rw,hard,intr,nodev,exec,nosuid,rsize=8192,wsize=8192 192.168.2.5:/export/home/tes01

on the server i configured:

/etc/exports

/home 192.168.2.0/24(rw,sync)

on the client i configured:

/etc/nsswitch.conf

automount files ldap

and i restart the autofs with sudo invoke-rc.d autofs restart

then i want to see if the automount work or not with :

sudo invoke-rc.d autofs status

and it show a result like this:
Configured Mount Points:
------------------------
/usr/sbin/automount --timeout=600 --ghost /home ldap //192.168.2.5u=auto_home,ou=automount,ou=admin,dc=insys,dc=local

Active Mount Points:
--------------------

my question is why there is not active mount points, do i miss something there?

sorry for my bad english language

i would suggest that you don't really need to be this complicated. are all these users home directories on a single server? /home/usera, /home/userb etc...? in which case just mount the entire /home elsewhere, with with autofs if desired, and let the standard unix uid's and such preclude a user accessing other peoples directories.

also nothing to do with networking. moved to Linux - General.

thanks for the advice acid, and sorry if i post in wrong place. there a still some question i need to ask but i will post it in the linux-general.

yes, all the user home dir is on a single server. do i need to configure my client to mount the nfs shared folder? is there a way to do this without messing with the client side, i just want the configuration done in the server side only.

well the client needs to know to mount a remote share whatever the scenario, it's not psychic. you can certainly just add a standard /etc/fstab entry to the client to mount the nfs share on boot, or do it via autofs as well, but there's always going to be somethign on the client to change.

so it isn't possible to do just on the server side only, thank you acid, you have been a great help for me.

well how is a client PC supposed to know that it needs to go get data from a server unless you tell it so?

sory to bother again acid, i follow your advice to mount the nfs shared on the client machine. here is the detail :

server : debian etch
client : kubuntu feisty

i have a ldap account with uid test and homedir: /home/usr/test, on the nfs server i export /home/usr to all user on the subnet 192.168.2.0/24(rw,sync) (ldap and nfs server are on the same machine). at client machine i mount the nfs shared dir on /home/usr then i tried to login using the account test but it failed because it cannot create home dir on the nfs shared dir. then i checked the log file it say:

trying to create local folder /home/usr/test/.kde/share: permission denied
mkdir: '/home/usr/test/.kde/share': permission denied
/usr/bin/x-session-manager: 62: cannot create /home/usr/test/.kde/share/config/startupconfigkeys: permission denied
.: 77: can't open /home/usr/test/.kde/share/config/startupconfig

thanks for your help before

Hi,

If the share is to be accessed by both users, you need to set the permissions properly.

You should chmod 1777 /home/usr and make sure that each newly created user has the correct permissions to their home directory.

For example, 'test', needs read/write access to /home/usr/test - make sure 'test' owns this directory. If not, chown -R test:test /home/usr/test

i change the file /home/usr permission to 1777 on the nfs server but it still showing the same error as before. the client still cannot automatically create home dir at the nfs shared mounted dir. is this error has to do with the /etc/exports and /etc/fstab configuration?

Possibly. Can you user authenticate via SSH?

what this SSH thing? how can i check if my user already use ssh or not?