Forum Replies Created

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • February 7, 2007 at 1:00 am in reply to: Providing Home Folders for AD users using the "Magic Triangle" #368240
    danbgood
    Participant

    Greetings dom9inic,
    In my university’s case, the variables for user’s home are purposefully not set. The IT department does not permit any changes to the AD entries, despite the fact the schema supports it.

    Also, my department happens to be a very UNIX centric department and has been for nearly 20 years. As far as my department is concerned, upgrading means the next model of UNIX infrastructure. Amongst services used in the department is NFS. Laugh all you want, but in the department’s case it makes sense. The UniqueID attribute in our university’s AD server for certain does not match the UID in our present directory service.

    In our university’s case, it is illegal for a departmental IT service professional to make any such adjustment to a user’s directory entries. The run around our students will see for even trying to making such an adjustment is ennormous. The university avoids the issue to avoid the ensueing choas that would result for filling these user variables. I can not say that I blame them, since the rush of 30,000 students would be quite substansial.

    Later,
    Dan

    January 31, 2007 at 5:45 pm in reply to: Providing Home Folders for AD users using the "Magic Triangle" #368165
    danbgood
    Participant

    Greetings Ross and Abrose,
    One trick that I am trying, and I am looking for the reference script on is to use a login script to set the home area by look up (in either Directory Service). Two troubles that I have experienced with university having similar issues is that neither the UIDs nor the home areas in an acceptable form.

    If it were just our Macs this would only be a small issue. However, my department has legacy UNIX (Sun, IRIX, AIX, and Linux) which are not considered legacy and must be supported too. The OD can do this by itself for the other UNIX(s).

    The options we have considered are
    – The magic triangle (discussed at WWDC 2005/2006)
    Critical user variables not set are UID and home area.
    Weird authentication issues for clients, along with strange file sharing experiences.
    – The reverse magic triangle (with cross realm)
    It works great for remote login, but console login forces AD identity which requires the script to alter the home area.
    The UID(s) do not match thus NFS is rendered ineffective, to say the least.
    – A hybrid of the magic triangle with duplicate entries to handle the other UNIX(s)
    for the Macs, the same issues result in this case as they do in the reverse magic triangle.
    Since Abrose and I have nearly identical problems, it seemed appropriate to collaborate on this point.

    Later,
    Dan Beatty
    [email protected]
    CS, Texas Tech University

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
Copyright © 2025 AFP548. All Rights Reserved.