When LDAP is enabled, any user in the tree can log in (with some conditions), but the user's home directory isn't built on the fly. The way to fix this is remotely mounted home directories, but that's not always practical. If there is no local home directory, and you don't mount the directory remotely, the user will be put into the guest home directory at login. This script will scan the LDAP tree, check to see if the user is denied logins on this host, create the home directory, and copy the .profile from /etc/skel/.
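hostname=$(hostname)

# Walk every homeDirectory value in the LDAP passwd map, skipping values that contain "*".
for dir in $(lsldap -a passwd |\
    grep homeDirectory |\
    grep -v "*" |\
    awk '{ print $2 }')
do
    if [ -d "$dir" ]
    then
        echo "$dir exists"
    else
        # Numeric owner and group of the entry that uses this home directory.
        user=$(lsldap -a passwd "homeDirectory=$dir" |\
            grep uidNumber |\
            awk '{ print $2 }')
        group=$(lsldap -a passwd "homeDirectory=$dir" |\
            grep gidNumber |\
            awk '{ print $2 }')
        # Count hostsDeniedLogin lines naming this host (case-insensitive substring match).
        denied_login=$(lsldap -a passwd "homeDirectory=$dir" |\
            grep hostsDeniedLogin |\
            grep -c -i "hostsDeniedLogin: $hostname")
        if [ "$denied_login" -eq 0 ]
        then
            echo "WARNING: $dir does not exist, creating"
            # Stop at the first failure so chown -R never runs on a path mkdir did not create.
            mkdir "$dir" &&
                cp /etc/skel/.profile "$dir/" &&
                chown -R "$user:$group" "$dir"
        fi
    fi
done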
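
The script runs as root and takes the path and ids straight from LDAP, so whoever can write those attributes chooses what root creates and chowns. The following is an added example, not part of the original script, of checks that could run before the mkdir; HOME_BASE, safe_home_path, safe_numeric_id and vet_entry are hypothetical names, and restricting homes to one base directory is an assumed policy.

```sh
# Assumed policy: home directories may only be created directly under this base.
HOME_BASE=${HOME_BASE:-/home}

# Return 0 only if $1 is a path this host should be willing to create as root.
safe_home_path() {
    path=$1
    case $path in
        "$HOME_BASE"/?*) ;;                 # must live under the allowed base
        *) return 1 ;;
    esac
    case $path in
        *[!A-Za-z0-9_./-]*) return 1 ;;     # no whitespace, globs or shell metacharacters
    esac
    case $path/ in
        */../*|*/./*|*//*) return 1 ;;      # no traversal or empty path components
    esac
    # The target must not exist in any form, including a dangling symlink.
    if [ -e "$path" ] || [ -L "$path" ]; then return 1; fi
    # The parent must be a real directory, not a symlink pointing elsewhere.
    parent=${path%/*}
    [ -d "$parent" ] && [ ! -L "$parent" ]
}

# uidNumber/gidNumber must be a single run of digits. An empty value, or two
# values returned because two entries share one homeDirectory, is refused.
safe_numeric_id() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# Decide whether one LDAP entry may be provisioned: vet_entry <dir> <uid> <gid>
vet_entry() {
    safe_home_path "$1" ||
        { echo "skip $1: unsafe homeDirectory" >&2; return 1; }
    safe_numeric_id "$2" && safe_numeric_id "$3" ||
        { echo "skip $1: bad uidNumber/gidNumber" >&2; return 1; }
}
```

In the loop above, the call would be `vet_entry "$dir" "$user" "$group" || continue` placed just before the mkdir.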