Operating Systems and Systems Integration

Setting Up Local (Non-LDAP) Accounts

1 Background

When you configure your computer to use LDAP for authentication using the program authconfig, a program called the automounter will control access to the /home directory, and will attempt to mount a network drive whenever you access any subdirectory of /home. This prevents you from creating local user accounts with home directories under /home.

The solution is to put local users under another directory, such as /home2, and configure useradd to create new accounts there instead. Your LDAP account will be under /home, and your local accounts will be under /home2.

2 Procedure

1. Create a new directory under which all new local home directories should go:

   $ sudo mkdir /home2

2. Change the default base for the home directories created by useradd:

   $ sudo useradd -D -b /home2

   See the documentation for useradd for more details:

   $ man useradd

3. Warning: There is one problem with this scheme. By default, useradd will select a user id number greater than that of any user on the system. The highest existing number will belong to an account on the LDAP server. As new accounts are added to the LDAP server, there will then be a user id conflict between your local accounts and these future LDAP accounts. There are a number of solutions:

   • Don't worry about it. This is okay in the laboratory, since the owners of new accounts created on the LDAP server will not be using your hard disk.

   • Another solution is to specify the user id number manually as part of the useradd command, with the -u option. You would need to choose a user id number higher than any others in your password file, but lower than about 2000, since the LDAP accounts have user id numbers of 2000 and above.

   • Another approach (perhaps better for production use) is to turn the LDAP authentication off temporarily with authconfig, create a number of local accounts, then turn LDAP authentication back on with authconfig.

Nick Urbanik ver. 1.2
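
The second option in the warning above (choosing the user id by hand with -u) can be scripted. The following is an added example, not part of the original handout: it picks the next user id above the local accounts in a password file while staying below the LDAP range of 2000 and above. The lower bound of 500, the function names, the account name carol and the sample password file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: choose a UID for a local account below the LDAP range.
LDAP_MIN=2000   # from the handout: LDAP accounts use 2000 and above
LOCAL_MIN=500   # assumption: first UID for ordinary local accounts

# next_local_uid [PASSWD_FILE]  (reads stdin when no file is given)
# Prints one more than the highest local UID below LDAP_MIN, never less
# than LOCAL_MIN. Returns 1 when no UID below LDAP_MIN is left.
next_local_uid() {
    awk -F: -v lo="$LOCAL_MIN" -v hi="$LDAP_MIN" '
        NF < 3 || $3 !~ /^[0-9]+$/ { next }   # skip blank or malformed lines
        $3 + 0 >= hi { next }                 # ignore nobody (65534) and the like
        $3 + 0 > max { max = $3 + 0 }
        END {
            uid = (max + 1 > lo) ? max + 1 : lo
            if (uid >= hi) exit 1
            print uid
        }' "$@"
}

# useradd_command NAME [PASSWD_FILE]
# Prints the useradd invocation instead of running it, so it can be reviewed.
useradd_command() {
    name=$1; shift
    uid=$(next_local_uid "$@") || {
        echo "no free UID below $LDAP_MIN" >&2
        return 1
    }
    echo "sudo useradd -b /home2 -u $uid $name"
}

# Constructed sample password file (not from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:500:500:Alice:/home2/alice:/bin/bash
bob:x:501:501:Bob:/home2/bob:/bin/bash
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
EOF
}

sample_passwd | useradd_command carol
```

On a real machine, call `useradd_command NAME /etc/passwd`. Before running the printed command, `getent passwd UID` shows whether that number is already taken in any configured account source, LDAP included.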