Ubuntu: How to specify home directory with 'adduser' when user creation fails on a machine with NFS home directory and Kerberos authentication



Question:

I am using adduser --disabled-password to create a user that uses Kerberos authentication for letting them sign into their account. Therefore, the password is predefined by a central Kerberos database.

Furthermore, the /home directory on the machine is symlinked to a directory on an NFS storage. So, using adduser --disabled-password newusername ends up in an error that I'm led to believe is caused by the NFS filesystem:

    Stopped: chown 1002:1003 /home/newusername: Invalid argument
    Removing directory `/home/newusername' ...
    Removing user `newusername' ...
    Removing group `newusername' ...
    groupdel: group 'newusername' does not exist
    adduser: `groupdel newusername' returned error code 6. Exiting.

I tried adduser --disabled-password --no-create-home newusername. The user was then created and they could easily sign into the machine with their Kerberos authentication. Their home directory was however not created. I created it for them on the NFS, but then they could not create any folders there. Then I deleted their home directory and tried giving them sudo access to create their own home directory. They did it but then they could not create any folders inside their own home directory without sudo.

Is there a way to specify home directory for this particular user when using adduser --disabled-password so that I can create their home directory in the root of the machine and then move it onto the NFS? Or is there a better way of doing this?

I already have three other users on this same machine that were all created upon the creation of the machine and before migrating the /home directory to the NFS from the cloud storage.


Solution:1

You probably forgot to change the ownership of the home directory to the user after you created it. You would do that using the chown command.

Consider using pam_mkhomedir for having this done automatically.

Also, consider configuring your system such that it will import user IDs from your server. If there's a Kerberos system, I would guess there is also some kind of LDAP server that offers account information via network. Then you would not have to configure each account individually.
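
The manual route from the answer above, as an added example that is not part of the original post: create the home directory for an account made with --no-create-home, hand it to the account's numeric UID:GID, and verify the result. The function names home_owner_ok and provision_home are hypothetical; the script assumes GNU stat, that it runs as root, and that chown succeeds on the NFS export.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the account already
# exists, e.g. created with:
#   adduser --disabled-password --no-create-home newusername

# Return 0 if DIR is a real directory owned by UID:GID,
# 1 if the ownership differs, 2 if DIR is missing or is a symlink.
home_owner_ok() {
    dir=$1 want_uid=$2 want_gid=$3
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 2
    [ "$(stat -c '%u:%g' "$dir")" = "$want_uid:$want_gid" ]
}

# Create, populate and hand over the home directory of an existing account.
# Every step is checked so a failing chown (as in the question) stops the
# procedure instead of leaving a root-owned home behind unnoticed.
provision_home() {
    user=$1
    entry=$(getent passwd "$user") || {
        echo "no such user: $user" >&2
        return 1
    }
    # passwd fields: name:passwd:uid:gid:gecos:home:shell
    uid=$(echo "$entry" | cut -d: -f3)
    gid=$(echo "$entry" | cut -d: -f4)
    home=$(echo "$entry" | cut -d: -f6)

    mkdir -p "$home" || return 1
    cp -a /etc/skel/. "$home"/ || return 1      # default dotfiles
    chown -R "$uid:$gid" "$home" || return 1    # numeric IDs, as adduser uses
    chmod 0750 "$home" || return 1              # no access for other users

    # Confirm what the filesystem actually recorded after the chown.
    home_owner_ok "$home" "$uid" "$gid"
}
```

Run `provision_home newusername` as root after the account exists; a non-zero exit status means the directory is still not owned by the user.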

