Home Directories and pam.d using LDAP
This is exactly what pam_mkhomedir
was made for.
The pam_mkhomedir
module can create the user's home directory upon login if that directory does not exist.
How to install it depends upon your distribution. But you would need to put it in one or more files in /etc/pam.d
.
For example, on my system I have /etc/pam.d/system-login
which is included by all other services which perform login (ssh, gdm, etc).
I would put pam_mkhomedir.so
in the session
stack, such as:
session optional pam_loginuid.so
session required pam_env.so
session optional pam_lastlog.so
session include system-auth
session optional pam_mkhomedir.so # <<< right here
session optional pam_ck_connector.so nox11
session optional pam_gnome_keyring.so auto_start
session optional pam_motd.so motd=/etc/motd
Where you put it is entirely dependent upon what else is in the stack. But you should put it before anything else which might need the home directory.
See man 8 pam_mkhomedir
for the options it supports.
In Ubuntu 14.04 system-login
is not present, but another file named as common-session
is present.
I went there and put:
root@GW:~# vim /etc/pam.d/common-session
#
session optional pam_systemd.so skel=/etc/skel/ umask=0077
This will create home directory if no exist also set the permission to 700