Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4587: SSH logins do not mount network home directories on Mac OS X

Centrify Identity Service, Mac Edition ,  

12 April,16 at 11:22 AM

Applies to: Centrify DirectControl 5.1.0 and higher on Mac OS X

Question:

An AD user has been configured with a network home directory.

When this user remotely logs in to the Mac via SSH, their network home directory is not mounted and returns the message:
  • Failed to create home directory
Is it possible to have network home folders be mounted on SSH logins into Mac systems?


Answer:

Mounting network homes when remotely connecting to a Mac via SSH is possible in Centrify DirectControl 5.1.0 and higher with some manual configuration.

When an AD user attempts to login via SSH, the network home can be mounted using the pam_mount module. 

To do this, the /etc/pam.d/sshd file must be modified from:

# lines inserted by Centrify Direct Control (CentrifyDC 5.1.3-482) 
auth sufficient pam_centrifydc.so 
... ...

..to:

# lines inserted by Centrify Direct Control (CentrifyDC 5.1.3-482)
auth optional pam_mount.so try_first_pass
auth sufficient pam_centrifydc.so use_first_pass

... ... 

Note: These three lines need to be the first lines in the /etc/pam.d/sshd file.

The use_first_pass option is needed so that the user will not be prompted for password twice.

Once these settings are changed, an AD user will be able to log in via SSH and mount their network home correctly. 

Note: The message "Failed to create home directory" may still be shown, however it is ok to disregard this message.

See the following KB Articles for more information on how to set up network home folders:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.