Re: LDAP: automatical creation of user home directories?

In article <pan.2006.>,
Frank Luthe <Frank.Luthe@xxxxxxxx> wrote:

Hi Hajo,

thanks for your quick reply.

On Wed, 15 Feb 2006 03:30:11 -0800, Hajo Ehlers wrote:
- Using a GFS Filesystem like GPFS or AFS ?

This is also, what IBM told us. But it only hands the problem over to the
file server. How does he get to know, that a new user was created and he
is expected to create the homedirectory?

- Extend the Login AUTHENTICATION procedure by your own script( Which
will create the User home directory if it does not exist )

This would be the prefered solution, if we only had the sources of the
login executable or maybe the secldapcntld. I don't know of any other
"official" hook, where we could "implant" a script.

I wonder if a precompiled version of the pam_mkhomedir.c PAM module for
AIX5.3 exists anywhere, compiling it on our own resulted in too many
errors. :-(

- Let a process reading the LDAP user data base and create the
nessessary home directories ?

This would be our last resort, because if you do this via cron, you have
some latencies implied (ok, the secldapcntld also has a 300 seconds cache
time out). Additionally checking all existing users every couple of
minutes would produce some overhead.


We're also using LDAP for authentication on AIX 5.3. We simply create
the account when we enter the info to LDAP using our own scripts. Quick
and simple.