CentOS 5 :: Automatically Mount Users Home Folders On Logon And Store The Configuration In Ldap?
May 6, 2011
I'm running into problems adding the required schema for automount and ldap on Centos 5.6 (also tried Centos 5.3)In the last few days I was able to setup LDAP server and get client authentication working. I want to be able to automatically mount users home folders on logon and store the configuration in ldap.I've done the following so far
1) added include in /etc/openldap/slapd.conf to /etc/openldap/schema/redhat/autofs.schema
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
I have a shared NTFS partition ("shared") that I use for data for both Windows and Ubuntu. How can I mount the music folder on shared to $Home/Music, and the Videos folder on shared to $Home/Videos? I want to mount the different folders on the partition to different folders in home.
I am using 10.04 ubuntu server. I configured the ldap server. I configure the client machine to contact the ldap server for authentication. But if i tried to ssh john@localhost, it says could not chdir to home directory /home/john: no such file or directory.
I have a debian-based ftp server running that I have created a few user accounts on. I will have clients uploading files to the server via ftp soon, and I need a way to restrict their access to only their home folders. I am not familiar with chroot, but from what I read, it can be used to restrict a user to their home folder, and that sounds perfect. How can I do this?
I am administrating a lab in a university and every semester we need to delete all the home folders of the accounts for the next semester. I would like to make a bash script that does this automatically and having trouble with it. Note that I am writing my very first bash script. What I need to do is make a script to delete the following:
Delete everything in /home/$exp$num/$dir when "exp" could be either "rt", "ic" or "sp". "num" could run from 1(single digit) to 45 and dir is "profile" and "work".
This is what I tried to write:
#!/bin/sh cd /home for exp in "rt ic sp" do
What seems to be the problem is the reading of "$exp$num" as a joint expression.
So far, I've been able to get my Box (Centos 5.3) authenticate users through LDAP. My next plan was to automount their home directory from our NAS device.But I'm struggling getting autofs talking to the LDAP Server.My Config Files:
/etc/ldap.conf [root@tmplt_CentOS-5 ~]# egrep -v '^#|^$?' /etc/ldap.conf base ou=intern,o=zde,dc=simiangroup,dc=com
I noticed in Fedora that in Authenticate Configs ->Advanced, that there is an option to "Create home directories on the first login".I'd like to know if its possible to enable that through a text config file on a CentOS box that has ldap authentication enabled. Right now it's complaining that the home folder does not exist upon loggin with an ldap account.
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
AuthType Basic AuthBasicProvider ldap anon Order allow,deny Allow from all
This part by itself works for the LDAP authentication:
Anonymous guest Anonymous_VerifyEmail Off Anonymous_MustGiveEmail Off Anonymous_LogEmail on Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
I've compiled openssh-5.4p1 on RHEL 4.8 with Openssl 0.9.8m + pam It works perfect without pam (pam-0.77-66), both with password and public key auth. Whith pam enabled and LDAP (openldap-2.4.21, from scratch) something strange happens: system users: I can do ssh with both password and public key LDAP users: public key works for remote users, still I cannot do ssh with just password. I'm trying a custom PAM configuration, because the default one (even with authconfig + LDAP ) blocks ssh even with system users.
How would i go about restricting users to there home dir in sftp and in ssh so that they can not go poking about other dir and files thats above there home dir ?Operating systemCentOS Linux 5.4 Kernel and CPULinux 2.6.18-194.8.1.el5.028stab070.5PAE on i686 Also it will have to be a low resource usage as i dont have much memory on it
I'm trying to set up a Linux server and I am new to this. I have gone through most of the configuration using SAMBA 3.0 and when I populate the ldap directory all I get this error before the password request:
Then when I perform an ldapsearch to see if the directory is populated I get this message:
why i can't login on the ldap-client via ldap, so here is a short description of my machines (i use openvz virtualising)I have on the HN (Debian Lenny) 2 VE's, which are in the same subnet (192.168.1.0/24)The first VE (Hostname: ldap1, IP: 192.168.1.91) is the ldap-server, which is so configured, that i can manage the server via phpldapadmin.The second VE (Hostname: ftp1, IP: 192.168.1.31) is the ldap-client, there should run a sftp-server in the future and the sftp-server(ssh-server) should use ldap-usernames to login. on the ftp1, i get with this command getent passwd the users configured on the ldap-server, but with the command id USERNAME the result is, that the user doesn't exist. (USERNAME is this name, i get returned by getent) and if i try to login via ssh, i get permission denied. and because the machines are openvz-virtual-machines, so i can't login on them like on a normal system, but a su USERNAME doesn't work too, because the user is not known on the system.
i don't think, that the ldap-server is the problem, because the phpldapadmin and getent on ftp1 are working perfectly, but if you want, i can post the config here too. the VE ftp1 was configured with the following how-to: [URL] and pam is configured like in the chapter "PAM setup with pam_ldap" on [URL]
I need to specify a different path to home directories on a particular server than what LDAP contains for the users, besides using a symlink. E.g. "/Users/jdoe" vs "/home/jdoe" I don't want to change the actual LDAP attributes, just want a particular server to point them in the right direction (Ubuntu 10.04).
I'm assuming it's something I could probably set in pam configurations?
Installed Ubuntu along with Debian on my Notebook and use Grub Manager to choose between them on startup. Since i like Debian now a lot (in past days it was a very hard system to handle, but there has been some progress i noticed), i have to change some things (want Debian as main system now) For Ubuntu i have: (was meant to be main system on Notebook) "/", "/home" and a "swap" partition, but since i am now going to use mainly Debian, i wanted to store my files all in the "/home"-folder of my extended Ubuntu partition (has much more space available) not in the "/home" folder of the Debian system. So i want both (Debian and Ubuntu) to use the same extended partition ("/home") which i created for Ubuntu to save their files like downloads, videos, and so on.
I'm working on the design of a system that will serve Ubuntu virtual machines to users (via the FreeNX server and NoMachine's NX Web Companion plugin) and I'd like to launch a specific application a soon as someone logs into the VM. What is the best way to do this? Specifics would be helpful since I'm 95% software developer and 5% Linux administrator.
I installed CentOS 5.2 and then run yum update. I configured this server as LDAP/Samba primary domain controller. LDAP seems to be OK and for testing I am able to create users with:smbldap-tools useradd -am usernameI can ssh into the server as root and also as a Linux user which was locally created in the server. But ssh into the server as LDAP user fails (from a Fedora 11 machine) with "Permission denied, please try again", prompting again for password.Some data:
we have a weird problem with our opensuse 11.2 server installation.
We want to set up a LDAP Server using the Yast-LDAP Server configuriation tool.
This indeed already worked weeks ago until....this week. Maybe some updates??!
I do not know what happend exactly. The server just does not want to start again and throws following error:
Starting ldap-serverstartproc: exit status of parent of /usr/lib/openldap/slapd: 1 failed
This happend after a little check of the configuration, but without a change, with Yast. Google delivered only "reinstall your box"-answers.
So.. i did that. And now the "mystical" part: The SAME ERROR occurs with a fresh vanilla system with a brand new and simple configuration (certificats, database, pw...the first Yast config dialog...). I did not change the way i set it up.
I remember, when i did this the first time with 11.2 on that machine, when no problems occured...everything was running out of the box (except the "use commen server certificate" option...).
We are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
In the past I found some great help on this forum, so here goes. Bare with me because it's a long story. I'll try to be as complete as possible. I've installed and configured OpenLdap on a virtual machine with ip 192.168.39.134. I've added 2 users via LAM. In the ou WikiUsers and the domain is wiki.local.
I've then created another host with ip 192.168.39.133 with mediawiki installed on it. Then I added the extension LDAPAuthenthication. In the LdapAuthentication file I added this code (only the last paragraph is mine, I added the others to show it's location in the script):
I know I'm close because I can't register any new users or accounts on the mediawiki site. Although I could before I added the LDAP service. This is indeed all just to test and get to know how LDAP works. That's why it's all virtual in VMWare. I did not really configure anything on the LDAP, i just installed it and chose a domain (wiki.local).
Is there anything special about a home directory before users' home directories are stored there, or is just as typical as any other "empty" folder?Let me just cut to the chase, but please no ear ringing about the folly of messing around as root, particularly with directories at root level. I know it's considered stupidity, but I deleted my home directory.
Is there an easy way to restore a working home directory? I tried copying /etc/skel under root, but I'm not sure what a home directory should look like once it has been restored. Besides . & .., there were .screenrc & .xsession in my home directory when I copied /etc/skel. Are these files suppose to be in "/home" or "/home/~" or both?
I have got 2 disks available and would like to create 3 main partitions: one for file system (maverick), one for home folder and one for linux swap.
I read many howtos and now I feel more confused!
I would like to obtain the more efficient solution in order of speed (performance): as far as I can understand (not so far) .. it seems that the best choice is:
disk 1: [beginning] ubuntu | home | others [end] disk 2: [beginning] swap | others [end]
My situation now is, according to guides I read before:
disk 1: [beginning] ubuntu | others [end] disk 2: [beginning] home | others | swap [end]
now .. before moving all my staff ..
I thought to have understood that ubuntu use swap only for hibernation / suspend activities, and therefore it's recommendable to put the system at the beginning of one disk, and the home folder at the beginning of a second disk in order to have quickly two disk reading / writing on the right position without moving too much and spend time.
But now I'm confused because it seems that ubuntu DOES use swap for normal activity (and so it's better to put it) at the beginning of a second disk.
I always saw my swap next to zero during my activities .. is ubuntu using swap like windows with pagefile.sys?
we have purchased the Dell PowerVault NF 500 NAS Storage Box with Window Storage server 2003 is Installed.we have LDAP server for authentication the user in network for accessing network resources.All ubuntu users on client side use ubuntu(LDAP server )for user authentication.when a user logon on client side machine his home directory is created on client machine .
but we want to use the NAS storage device to store the home directories of user.we want to implement that ,whenever a user logon his home directory is created on powerValut NF 500 storage device so that all user data is stored centrally for taking the backup .we want to mount NAS storage device so that user uses when they login and create user profile.