folks;
I'm going to use LDAP on Solaris 10 to authenticate users, i have 3 questions, i'm hoping it can be possible:
when users login for the first time, Is there a way to auto create a home directory like "/home/"user_name" so we don't have to a create a home directory for every single users (we will have about 300 users that going to need access to that Solaris box.
If question 1 can be done, is there a way to assign group to each user as well?
If question 2 can be done, Is there a way to make the group assignment based on their own group in LDAP?
In other word, let's say i have 2 groups in LDAP called "new & old", then if a user from group "old" in ldap logs in to the Solaris box he should be assigned to group "staff" and if a user from group "new" in ldap logs in, the associated group on Solaris box would be "sysadm"
/home is a virtual filesystem linked to the automounter. If you want to use LDAP to authenticate, I'd suggest also using NFS for their home dirs to keep everything in sync - otheriwse you'll have the situation where a new user won't have a home dir on several servers and an old, deleted user will leave their homedir behind on several servers.
If you configure automount to go to a predefined NFS server, you won't need to create accounts on any of your LDAP client servers.
This comes over as part of the LDAP info - you should use LDAP for user and groups to avoid the problems described in (1).
No idea sorry but I would imagine it would be easier to stick with LDAP groups for users and avoid using groups from /etc/group altogether for these (non-system) users.
Which aspect are you unfamilar with? The NFS server (ie a central server holding everyone's home directories) or the automounter config (ie setting up /home/blah to contain the relevant user's homedir on every server they log into)?
It'll save me going into detail on something you already know
