Automatic home directory creation at login
The AIX® operating system can automatically create a home directory at user login.
This feature is useful for remotely defined users (for example, users defined in an LDAP server) who may not have a home directory in the local system. The AIX operating system provides two mechanisms to automatically create a home directory at user login: a standard AIX mechanism and a PAM mechanism. These mechanisms can be enabled together.
- AIX mechanism
- The AIX mechanism covers login through the following commands: getty, login, rlogin, rsh, telnet, and tsm. The AIX mechanism supports STD_AUTH authentication and PAM_AUTH authentication using the pam_aix module. Enable the AIX mechanism in the /etc/security/login.cfg file by setting the mkhomeatlogin attribute of the usw stanza to true (see the /etc/security/login.cfg file for additional information about the file). Use the chsec command to enable or disable the automatic-home-directory-creation-at-login feature. For example, to enable the feature, run the following command:
# chsec -f /etc/security/login.cfg -s usw -a mkhomeatlogin=true
When enabled, the login process checks for the user's home directory after successful authentication. If a user's home directory does not exist, one is created.
Note: The mkhomeatlogin attribute is only supported on AIX Version 6.1 with the 6100-02 Technology Level or later.
- PAM mechanism
- AIX also provides a pam_mkuserhome module for creating home directories for PAM mechanisms. The pam_mkuserhome module can be stacked with other session modules for login services. To enable this PAM module for a service, an entry must be added to that service. For example, to enable home directory creation through the telnet command using PAM, add the following entry to the /etc/pam.cfg file:
telnet session optional pam_mkuserhome
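
A read-only check of both settings described above, as an added example that is not part of the IBM documentation. It parses copies of the two files with awk. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether either home-directory-creation mechanism is
# enabled, reading login.cfg-style and pam.cfg-style files given as arguments.

# Print the mkhomeatlogin value of the usw stanza, or "unset" if it is absent.
mkhome_setting() {
    awk '
        /^[ \t]*\*/ { next }                          # "*" starts a comment
        /^[^ \t][^ \t]*:[ \t]*$/ { in_usw = ($1 == "usw:"); next }
        in_usw && (n = index($0, "=")) {
            key = substr($0, 1, n - 1); val = substr($0, n + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "mkhomeatlogin") found = val
        }
        END { print (found == "" ? "unset" : found) }
    ' "$1"
}

# Print each service whose session stack includes pam_mkuserhome.
mkuserhome_services() {
    awk '
        /^[ \t]*#/ { next }                           # "#" starts a comment
        $2 == "session" && $4 ~ /(^|\/)pam_mkuserhome$/ { print $1 }
    ' "$1" | sort -u
}

# Constructed sample files, not taken from a real system.
SAMPLE=$(mktemp -d)
trap 'rm -rf "$SAMPLE"' EXIT
cat > "$SAMPLE/login.cfg" <<'EOF'
* constructed sample
default:
        sak_enabled = false
usw:
        shells = /bin/sh,/bin/ksh
        mkhomeatlogin = true
EOF
cat > "$SAMPLE/pam.cfg" <<'EOF'
# constructed sample
telnet  auth     required  pam_aix
telnet  session  required  pam_aix
telnet  session  optional  pam_mkuserhome
login   session  required  pam_aix
EOF

echo "mkhomeatlogin (usw): $(mkhome_setting "$SAMPLE/login.cfg")"
echo "pam_mkuserhome services: $(mkuserhome_services "$SAMPLE/pam.cfg" | tr '\n' ' ')"
```

On an AIX system the same functions can be pointed at /etc/security/login.cfg and /etc/pam.cfg. A result of "unset" together with an empty service list means neither mechanism is enabled.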