When LDAP is enabled, any user in the tree can login (with some conditions), but the users home directory isn’t built on the fly. The way to fix this is remotely mounted home directories, but that’s not always practical. If there is no local home directory, and you don’t mount the directory remotely, the user will be put into the guest home directory at login. This script will scan the LDAP tree, check to see if the user is denied logins on this host, create the home directory, and copy the .profile from /etc/skel/.
{"id":107,"date":"2009-06-18T14:58:54","date_gmt":"2009-06-18T18:58:54","guid":{"rendered":"http:\/\/patrickv.info\/wordpress\/?p=107"},"modified":"2009-06-18T14:58:54","modified_gmt":"2009-06-18T18:58:54","slug":"script-to-create-home-dirs","status":"publish","type":"post","link":"https:\/\/rootuser.ninja\/index.php\/2009\/06\/18\/script-to-create-home-dirs\/","title":{"rendered":"Script to create home dirs"},"content":{"rendered":"When LDAP is enabled, any user in the tree can login (with some conditions), but the users home directory isn’t built on the fly. The way to fix this is remotely mounted home directories, but that’s not always practical. If there is no local home directory, and you don’t mount the directory remotely, the user will be put into the guest home directory at login. This script will scan the LDAP tree, check to see if the user is denied logins on this host, create the home directory, and copy the .profile from \/etc\/skel\/.
\n<\/p>\n
hostname=`hostname`\nfor dir in `lsldap -a passwd |\\\n\tgrep homeDirectory |\\\n\tgrep -v \"*\" |\\\n\tawk '{ print $2 }'`\ndo\n if [ -d $dir ]\n then\n echo $dir exists\n else\n user=`lsldap -a passwd homeDirectory=$dir |\\\n \tgrep uidNumber |\\\n \tawk '{ print \\$2 }'`\n group=`lsldap -a passwd homeDirectory=$dir |\\\n \tgrep gidNumber |\\\n \tawk '{ print \\$2 }'`\n denied_login=`lsldap -a passwd homeDirectory=$dir |\\\n \tgrep hostsDeniedLogin |\\\n \tgrep -c -i \"hostsDeniedLogin: $hostname\"`\n if [ $denied_login -eq 0 ]\n then\n \techo WARNING: $dir does not exist, creating\n \tmkdir $dir\n \tcp \/etc\/skel\/.profile $dir\/\n \tchown -R $user:$group $dir\n fi\n fi\ndone<\/code><\/pre>","protected":false},"excerpt":{"rendered":null,"protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,1],"tags":[],"class_list":["post-107","post","type-post","status-publish","format-standard","hentry","category-ldap-notes","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/posts\/107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/comments?post=107"}],"version-history":[{"count":0,"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/posts\/107\/revisions"}],"wp:attachment":[{"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/media?parent=107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/categories?post=107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rootuser.ninja\/index.php\/wp-json\/wp\/v2\/tags?post=107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}