From ab49c7f21d5ee15142dd79687b4c8930699faa5d Mon Sep 17 00:00:00 2001 From: Firstyear Date: Tue, 18 Apr 2023 13:43:08 +1000 Subject: [PATCH] Add troubleshooting step for pam home dirs (#1550) * Add troubleshooting step for pam home dirs --- book/src/integrations/pam_and_nsswitch.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/book/src/integrations/pam_and_nsswitch.md b/book/src/integrations/pam_and_nsswitch.md index df10bdfc2..9f8c539d0 100644 --- a/book/src/integrations/pam_and_nsswitch.md +++ b/book/src/integrations/pam_and_nsswitch.md @@ -104,7 +104,7 @@ If the daemon is working, you should see: If it is not working, you will see an error message: ``` -[2020-02-14T05:58:10Z ERROR kanidm_unixd_status] Error -> +[2020-02-14T05:58:10Z ERROR kanidm_unixd_status] Error -> Os { code: 111, kind: ConnectionRefused, message: "Connection refused" } ``` @@ -372,7 +372,7 @@ similar to the following example: ```bash > kanidm group posix show example_group Using cached token for name idm_admin -Error -> Http(500, Some(InvalidAccountState("Missing class: account && posixaccount OR group && posixgroup")), +Error -> Http(500, Some(InvalidAccountState("Missing class: account && posixaccount OR group && posixgroup")), "b71f137e-39f3-4368-9e58-21d26671ae24") ``` @@ -489,3 +489,8 @@ may have your laptop in a park without wifi. Clearing the cache, however, completely wipes all local data about all accounts and groups. If you are relying on this cached (but invalid) data, you may lose access to your accounts until other communication issues have been resolved. + +### Home directories are not created via SSH + +Ensure that `UsePAM yes` is set in `sshd_config`. Without this the pam session module won't be +triggered which prevents the background task being completed.