Automatic home directory creation at login
The AIX® operating system can automatically create a home directory at user login.
This feature is useful for remotely defined users (for example, users defined in an LDAP server) who may not have a home directory in the local system. The AIX operating system provides two mechanisms to automatically create a home directory at user login: a standard AIX mechanism and a PAM mechanism. These mechanisms can be enabled together.
- AIX mechanism
- The AIX mechanism covers login through the following commands: getty, login, rlogin, rsh, telnet, and tsm. The AIX mechanism supports STD_AUTH authentication and PAM_AUTH authentication using the pam_aix module.
Enable the AIX mechanism in the /etc/security/login.cfg file by setting the mkhomeatlogin attribute of the usw stanza to true (see the /etc/security/login.cfg file for additional information about the file). Use the chsec command to enable or disable the automatic-home-directory-creation-at-login feature. For example, to enable the feature, run the following command:
# chsec -f /etc/security/login.cfg -s usw -a mkhomeatlogin=true
When enabled, the login process checks for the user's home directory after successful authentication. If a user's home directory does not exist, one is created.
Note: The mkhomeatlogin attribute is only supported on AIX Version 6.1 with the 6100-02 Technology Level or later.
- PAM mechanism
- AIX also provides a pam_mkuserhome module for creating home directories for PAM mechanisms. The pam_mkuserhome module can be stacked with other session modules for login services. To enable this PAM module for a service, an entry must be added to that service. For example, to enable home directory creation through the telnet command using PAM, add the following entry to the /etc/pam.cfg file:
telnet session optional pam_mkuserhome
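Because the two mechanisms can be enabled together, it helps to check both files when reviewing a system. The following is an added example, not part of the IBM documentation: a read-only check that reads the mkhomeatlogin attribute from the usw stanza and lists the services that stack pam_mkuserhome as a session module. The function names and the sample files are constructed for illustration; on a live system, pass /etc/security/login.cfg and /etc/pam.cfg instead.

```shell
#!/bin/sh
# Added example: report which home-directory-creation mechanisms are enabled.

# Print the value of attribute $3 in stanza $2 of AIX stanza file $1.
stanza_attr() {
    awk -v want="$2:" -v attr="$3" '
        /^[ \t]*\*/ { next }                              # "*" starts a comment
        /^[^ \t].*:[ \t]*$/ { in_s = ($1 == want); next } # stanza header line
        in_s && index($0, "=") {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == attr) { print val; exit }
        }' "$1"
}

# List services in PAM config $1 that stack pam_mkuserhome as a session module.
pam_mkuserhome_services() {
    awk '$1 !~ /^#/ && $2 == "session" && $4 ~ /(^|\/)pam_mkuserhome$/ { print $1 }' "$1" | sort -u
}

# Hypothetical helper: $1 = login.cfg path, $2 = pam.cfg path.
mkhome_report() {
    val=$(stanza_attr "$1" usw mkhomeatlogin)
    svcs=$(pam_mkuserhome_services "$2" | tr '\n' ' ')
    echo "AIX mechanism, usw mkhomeatlogin: ${val:-unset}"
    echo "PAM mechanism, services with pam_mkuserhome: ${svcs:-none}"
}

# Constructed sample files (not copied from a real system).
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/login.cfg" <<'EOF'
* constructed sample
default:
        sak_enabled = false
usw:
        shells = /bin/sh,/bin/ksh
        mkhomeatlogin = true
EOF
cat > "$SAMPLE_DIR/pam.cfg" <<'EOF'
# constructed sample
telnet  auth     required  pam_aix
telnet  session  required  pam_aix
telnet  session  optional  pam_mkuserhome
login   session  required  pam_aix
#rlogin session  optional  pam_mkuserhome
EOF
mkhome_report "$SAMPLE_DIR/login.cfg" "$SAMPLE_DIR/pam.cfg"
```

The commented-out rlogin entry in the sample is ignored, so only telnet is reported for the PAM mechanism.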