I've opened a ticket on PAM's bug tracker: https://fedorahosted.org/linux-pam/ticket/22

Thanks to Stephen and Jakub for all your help!

-Chris


On Wed, Oct 9, 2013 at 2:00 PM, Stephen Gallagher <sgallagh@redhat.com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/09/2013 01:06 PM, Chris Hartman wrote:
> Could you file a bug against pam_mkhomedir?
>
> I can definitely do this, though I'm not exactly sure what the bug
> is because I don't think I understand the problem fully.
> "mkhomedir.so doesn't play nice with aliased usernames"? Can you
> offer a little more guidance and/or explanation?
>

Basically, when pam_mkhomedir.so is invoked, it has a substitution
template that it fills in with the username. Apparently, it is taking
the input value from PAM as this substitution value, but if you happen
to be logging in the first time from an alias (anything other than the
canonical version, which is the lower-case one in this example), it
creates the directory with that instead of the canonical one.


> When running id_provider = ad, we default to operating in
> case-insensitive mode.
>
> Is there a config option that exposes case sensitivity mode? If
> not, such a feature might be useful. Not sure if that is
> programmatically feasible/practical, though.
>

- From the AD provider manpage
(http://jhrozek.fedorapeople.org/sssd/1.11.1/man/sssd-ad.5.html):
"Users, groups and other entities served by SSSD are always treated as
case-insensitive in the AD provider for compatibility with Active
Directory's LDAP implementation."

- From the sssd.conf manpage
(http://jhrozek.fedorapeople.org/sssd/1.11.1/man/sssd.conf.5.html):


case_sensitive (boolean)

    Treat user and group names as case sensitive. At the moment, this
option is not supported in the local provider.

    Default: True



Essentially, using 'id_provider = ad' implies 'case_sensitive = False'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlJVmbIACgkQeiVVYja6o6PUQgCfU5J5mg7Q/XpZQ8Dwdv+ORjKa
VZsAnjXosUGYG28bQmnTl+XwDkU5Mjx8
=ufaB
-----END PGP SIGNATURE-----
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users