Hi,
Situation:
I want to create a new user on my local machine. This machine authenticates via the ldap and krb5 servers of the institution, and it has home directories mounted via nfs. Now the new user, say with id xyz, already has an entry in the ldap server. But he doesn't have a home directory created on the nfs server. So I want to create a home directory for xyz and export it to the local machine, so that next time xyz logs in to the local machine he will be redirected to his nfs home.
I logged in to the nfs server and checked
xyz has id like this:
Quote:
[root@cretaceous home]# id xyz
uid=209228(xyz) gid=1000(access) groups=810691(xyz),1000(access)
[root@cretaceous home]# id -rg xyz
1000
[root@cretaceous home]# id -ru xyz
209228
where 209228 is his id from ldap/krb5 and 810691 is his gid from ldap/krb5. Now if I look up my id, this is what I get:
Quote:
[root@cretaceous home]# id abc
uid=160855(xyz) gid=764530(abc) groups=764530(abc),829857(umg/dept.res.access.workstations),199(nfs_sudoers)
[root@cretaceous home]# id -rg abc
764530
[root@cretaceous home]# id -ru abc
160855
My real gid is the same as the ldap gid. (I am a member of a special sudoers group, 199.)
Question:
1. If I create a home directory named xyz with ownership specified to xyz (no gid specified), will xyz be able to log in via ldap/krb5 to this directory from the local machine?
2. Do I need to create a directory xyz with permission specified by gid, so that when xyz logs on via ldap/krb5 he will have permissions on his home directory?
3. Do I need to create a local group for xyz on the nfs server with gid the same as the ldap gid? Or do I somehow need to add xyz to group 810691 on the nfs server?
I could have experimented, but as you can guess, I do not have the ldap password for xyz (and obviously I am not the ldap admin). I only know my own account credentials, so I cannot check if things worked, unless xyz tries to log in and complains! So I am asking the advice of the experts who can surely tell me what to do!
Let me know if I need to give any more details.
Thanks in advance,