From: "Atom Powers"
To: "Erik Norgaard"
Cc: "Chandler, Jay" , freebsd-questions@freebsd.org
Date: Wed, 18 Oct 2006 08:20:31 -0700
Subject: Re: LDAP home directories
In-Reply-To: <4535DDA9.503@locolomo.org>

On 10/18/06, Erik Norgaard wrote:
> Chandler, Jay wrote:
> > Does anyone have a way to do home directory mapping through LDAP? We've
> > got user directories mounted via NFS to /usr/users and would like to be
> > able to type in "cd ~ted" and go to Ted's home directory, perhaps in
> > /usr/users/students/ted.
>
> nss_ldap allows you to map an LDAP parameter to a system parameter.
> There is nss_ldap in ports, but also this summer's Summer Of Code a
> project was aimed at creating a FreeBSD native nss_ldap.
>
> pam_ldap is needed if you want to use ldap for authentication.
>

Expanding on what Erik said, pam_ldap and nss_ldap will use the
posixAccount schema, or the attributes you define in your ldap.conf. So
if you already have a way to generate a list of user->home directory
mappings you can import that into your OpenLDAP directory as, probably,
the homeDirectory attribute.

There are plenty of how-to docos out there, take a look. The hardest
part is setting up the directory and importing your data, after that it
tends to "just work".

--
--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--
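
Added example, not part of the original message: one way to turn an existing list of user-to-home-directory mappings into LDIF that sets homeDirectory, as the reply above suggests, while rejecting values that nss_ldap should never hand to the system. The base DN, the uid=<user> entry naming, the "user:home" input format and the function names are assumptions; the sample lines are constructed, and the entries are assumed to exist already with the posixAccount object class.

```python
import posixpath
import re

BASE_DN = "ou=People,dc=example,dc=org"  # assumed suffix; use your directory's
HOME_ROOT = "/usr/users"                 # NFS mount point named in the thread
UID_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
# homeDirectory is an IA5String (RFC 2307); keep paths to a plain ASCII subset.
PATH_RE = re.compile(r"/[A-Za-z0-9._/-]+")

# Constructed sample input, one "user:home" mapping per line.
SAMPLE = """\
ted:/usr/users/students/ted
alice:/usr/users/staff/alice
mallory:/usr/users/students/../../../root
bob smith:/usr/users/staff/bob
eve:/home/eve
"""

def validate(user, home):
    """Return None if the mapping is acceptable, else the reason it is not."""
    if not UID_RE.fullmatch(user):
        return "invalid user name"
    if not PATH_RE.fullmatch(home):
        return "invalid characters in path"
    if posixpath.normpath(home) != home:
        return "path is not normalized"
    if not home.startswith(HOME_ROOT + "/"):
        return "path outside " + HOME_ROOT
    return None

def to_ldif(mapping_text):
    """Build LDIF modify records; return (ldif_text, rejected_lines)."""
    records, rejected = [], []
    for lineno, line in enumerate(mapping_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        user, sep, home = line.partition(":")
        reason = validate(user, home) if sep else "missing ':' separator"
        if reason:
            rejected.append((lineno, reason))
            continue
        records.append(
            f"dn: uid={user},{BASE_DN}\n"
            "changetype: modify\n"
            "replace: homeDirectory\n"
            f"homeDirectory: {home}\n"
            "-\n"
        )
    return "\n".join(records), rejected
```

Calling `to_ldif(SAMPLE)` returns the LDIF text in the `changetype: modify` form that ldapmodify reads, plus the list of rejected input lines with the reason for each.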