6.4. Overriding the LDAP home directory attribute
As an administrator, you can configure an existing host to use accounts from LDAP. However, the values for a user (name, UID, GID, home directory, shell) in LDAP are different from the values on the local system. You can override the LDAP home directory attribute by defining a different home directory with the following procedure.
Conditions préalables
-
root
access -
Installed
sssd-tools
Procédure
Display the current home directory of the user:
# getent passwd user-name user-name:x:XXXX:XXXX::/home/home-directory:/bin/bash
Replace user-name with the name of the user.
Override the home directory of the user:
# sss_override user-add user-name -h new-home-directory
Replace user-name with the name of the user and replace new-home-directory with the new home directory.
Restart SSSD for the changes to take effect:
# systemctl restart sssd
Verification steps
Verify that the new home directory is defined:
# getent passwd user-name user-name:x:XXXX:XXXX::/home/new-home-directory:/bin/bash
Optional. Display the overrides for the user:
# sss_override user-show user-name user@ldap.example.com:::::::new-home-directory::
Exemple 6.4. Overriding the home directory of the user
To override the home directory of the user sarah with admin:
Display the current home directory of the user sarah:
# getent passwd sarah sarah:x:1001:6003::sarah:/bin/bash
Override the home directory of the user sarah with new home directory admin:
# sss_override user-add sarah -h admin
Restart SSSD for the changes to take effect:
# systemctl restart sssd
Verify that the new home directory is defined and overrides for the user display correctly:
# getent passwd sarah sarah:x:1001:6003::admin:/bin/bash # sss_override user-show user-name user@ldap.example.com:::::::admin::
Ressources supplémentaires
-
sss_override
man page