From: Jonathan Chen
To: "Darek M."
Cc: Jon Theil Nielsen, freebsd-questions@freebsd.org
Date: Mon, 18 Feb 2008 13:49:27 +1300
Subject: Re: LDAP user authentication?
Message-ID: <20080218004927.GA48691@osiris.chen.org.nz>
In-Reply-To: <47B8B90D.4060609@nyi.net>

On Sun, Feb 17, 2008 at 05:45:33PM -0500, Darek M. wrote:
> Jon Theil Nielsen wrote:
> >I have googled for a very long time, but I haven't found any useful
> >howto on this issue. Well, there is
> >http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html
> >but that seems to be a bit confusing and not up-to-date. I guess it
> >_should_ be possible - and indeed very useful (especially combined
> >with Samba PDC and an easily maintainable mail server). So please, if
> >you have any experiences or knowledge of a useful description..!
> >
> >Regards,
> >Jon Theil Nielsen
>
> At the risk of a thread-jack...
>
> how are home directories handled? Will 'user' have a home dir on the
> local system? I suppose once LDAP is set up properly, you can then
> create the home dir, then chown it 'user', with 'user' not being a local
> user and not in passwd/master.passwd files. So when you chown/chgrp,
> those commands go through pam/nss/ldap to retrieve the proper id and
> name from the LDAP server?

There's security/pam_mkhomedir, which should do what you want.

Cheers.
--
Jonathan Chen
------------------------------------------------------------------------
"We laugh in the face of danger,
 we drop icecubes down the vest of fear"
 - Edmond Blackadder III