When I was setting PAM authentication via LDAP I noticed one undesirable thing. When I log into the machine as an LDAP user it sometimes mixes up LDAP and local users. For instance, the user akim can access the home directory of csc-151-1 (even though they have different home folders). You can see the example below.

However it is only like this for a limited number of LDAP users. Others are okay and displayed fine both in terminal and indicator-applet-session panel and also have correct rights to others' home directories. I didn't find the reason and also other people who encountered this problem. So I think that would be a good idea if we had either LDAP users, either local users only.

I found a working way of making automatically created private home directories. I also reviewed LDAP-PAM authentication and removed a couple of unnecessary steps.

So earlier, I finished the part of the project which was about LDAP. So I decided to work a bit on setting centralized synchronized authentication. This is not my task and it is likely that we won't use it at all but I think that would be at least a nice feature to have (and I also did it just in case we need this in the future).

I chose NFS as a file server. Set up NFS server and a couple of NFS clients. It worked well and the directory of one user was the same within the clients. Then I had to establish quotas, so that one user could not have lots of disc space on the server. I used quota and quotatool packages. So now, when a user tries to exceed the limit on the client machine, the error message is displayed and limit is not exceeded.

In brief, here are the steps to set up NFS:

apt-get install nfs-kernel-server

For example, you want to share /LDAPstore folder on your server. You need to edit your /etc/exports/ file. `nano /etc/exports/`

and insert the following line:

/LDAPstore *(rw,sync,no_subtree_check,no_root_squash)

Then, restart the server:``

service nfs-kernel-server restart On the client machine:

_ apt-get install nfs-common_

Let's say, we want to mount /home/LDAPusers folder. You need to edit /etc/fstab file.

nano /etc/fstab

Append the following (assuming that the server hostname is sst7422-17):

sst7422-17:/LDAPstore /home/LDAPusers nfs defaults 0 0

Mount the chosen directory:

_ mount /home/LDAPusers_

To set up quotas, I found this website most useful.

Comments