Hi Aaron, No the Directory /home is not RW, just the user dirs within it. I use autofs to mount/umount the dirs as needed. The entry looks like this * -soft,intr,nodev,tcp,rw server.domain.com:/home/& Brian On Wed, 2007-03-14 at 22:19 -0400, Bliss, Aaron wrote: > Just wondering, do the nfs clients have write permissions to the nfs > mount point? > > Aaron > > -----Original Message----- > From: fedora-directory-users-bounces at redhat.com > [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Brian > Kosick > Sent: Wednesday, March 14, 2007 7:30 PM > To: fedora-directory-users at redhat.com > Subject: FDS and Automatic home dir creation > > Hi All, > > I just found out about the fantastic pam_mkhomedir.so pam module. I > have it working somewhat, I just need to know if what I want to do is > possible. > Here's my setup: > > FC4 with Fedora Directory Server 1.04 and is also the NFS /home share. > On this server I have in the /etc/pam.d/system-auth file the following > entry > > session required pam_mkhomedir.so skel=/etc/skel > umask=0077 > > Then I have client machines that use FDS and the /home NFS share to > provide central login and /home dir capabilities. > The /home dir itself is NFS export RO and only the user dirs are RW > within it. > > Using ldap (hostobject, pam_check_host_attr) attributes, I do not let > users login to the FDS /home share server, just the clients. > I want to know it it is possible that the first time a user logs into > one of the clients that it can somehow be passed to the /home dir server > to create the users home dir. > > I have it working with test users currently, but ONLY when they are > allowed to login into the /home dir server, not any of the clients. > > Any help, suggestions would be appreciated! > > Thanks, > Brian > > Confidentiality Notice: > The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070314/464213c0/attachment.bin