The kickstart auth option allow set must tyhe options you are settings into %post. http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Installation_Guide-en-US/s1-kickstart2-options.html has all you need. Look for auth/authconfig > %post > # Setup LDAP > # > # equiv to running setup tool > authconfig --kickstart --enableshadow --enablemd5 --enableldap > --enableldapauth --ldapserver ldap.yourdomain.com --ldapbasedn > dc=yourdomain,dc=com Use this out %post. Look the link above. > # > # Turn SSL on in the config files > perl -p -i -e 's/^ssl no/ssl on/g' /etc/ldap.conf > echo "tls_cacertfile /etc/openldap/cacerts/cacert.asc" >> /etc/ldap.conf > echo "URI ldaps://ldap.yourdomain.com" >> /etc/openldap/ldap.conf Again, no necessary if using the above --enableldaptls. > # > # Create a directory to hold our Cert Auth certificate > mkdir -p /etc/openldap/cacerts > # Download the CA certificate > wget -O /etc/openldap/cacerts/cacert.asc http://INSTALL_SERVER/cacert.asc > # OK > # Have PAM autocreate home directories upon login > echo "session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ > umask=0077" >> /etc/pam.d/system-auth This is useful only if users connect through ssh. Through samba use root preexec to create home dir automaticly. For Linux clients use autofs. > # > # Ensure that local authorization is enough to get on the system > # (i.e. root can login) > perl -p -i -e 's/^USELOCAUTHORIZE=no/USELOCAUTHORIZE=yes/' > /etc/sysconfig/authconfig My system works without change this. _______________________________________________ Kickstart-list mailing list Kickstart-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/kickstart-list
