Automatic home directory creation when using LDAP

Centralised authentication in the form of LDAP (or similar) is very useful but Linux assumes a valid user has a directory in /home. By default Suse does not create a home directory for a user who has authenticated via an external source which is a real problem if they want to run many programs.

One way to get around this is to mount the home directory on an external server which contains the home directories but this can be difficult and a drain on network bandwidth. An easier way to solve the problem is to tell PAM (the Linux authentication manager) to create the directory on login. To do so on Suse edit the /etc/pam.d/common-session file and add the following:

session required pam_mkhomedir.so skel=/etc/skel/ umask=0077

This command instructs PAM to create the home directory is it does not exist using the template found at /etc/skel. The umask setting ensures that no other users can read or access a user's personal files.