LDAP Auxiliary Parameters or Alternate User Home

Hello all,

A quick background of my problem. I’m in the process of setting up a new box with TrueNAS Scale. (I have another box that has been running core for several years.) I have the scale box connected to my LDAP, which is a freeIPA domain. This connects and pulls in the users fine. However on all of my imported users the home directory path is set to /home/username. So when I look at any of the imported users I’m getting an error that the path obviously doesn’t exist on the scale box. ([ENOENT] Path /home/username not found)

While digging around for a solution I found the “Auxiliary Parameters” in the Advanced options of the LDAP configuration. I’ve crafted a parameter based on the nslcd.conf documentation linked from the Aux params help text (https arthurdejong dot org/nss-pam-ldapd/nslcd.conf.5), saved the changes, and rebuilt the directory cache but I’m not seeing any difference when I look at the ldap users. Here is the map I’m using for reference, which should remap the user to one of my ZFS datasets:

map passwd homeDirectory "${homeDirectory:+/mnt/s1/users/$uid}"

I couldn’t find any examples in the truenas docs and everything online which mentioned auxiliary parameters seemed specific to samba. Any help or pointers in the correct direction would be appreciated. Thanks.

I also recently fell for the LDAP configuration. My guess is that the help text for the “Auxiliary Parameters” is out of date and needs to be updated or removed. TrueNAS Scale (no longer) uses the nslcd service, so no parameters from nslcd.conf can be used.
TrueNAS Scale uses the sssd service instead.
This can be determined by logging into the TrueNAS host via SSH and displaying the services: systemctl list-units --type=service or the SSSD service: systemctl cat sssd.service. The output also shows that the configuration from the file /etc/sssd/sssd.conf is used for the service. This is also the file in which the LDAP configuration from the WebGui is written.

In order to achieve your goal, you should make sssd.conf-compliant settings in this case. For example:

# set the home directory from the ldap search response
ldap_user_home_directory = homeDirectory

# set the home directory based on the username
override_homedir = /mnt/s1/users/%u

Don’t forget to restart the service and clear the cache:


sudo systemctl stop sssd
sudo rm -rf /var/lib/sss/db/*
sudo rm -rf /var/lib/sss/mc/*
sudo systemctl start sssd
sss_cache -E

Check your configuration with the query:
getent passwd

Note: I am still not sure how to completely delete the cache. Sometimes I even had to additionally press the button Rebuild Directory Service Cache in the WebGui.

There is also an option to set the caching time:

# After 60 seconds an entry is considered obsolete.
entry_cache_timeout = 60 
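The `getent passwd` check from the answer above, turned into a script that flags entries still carrying the old home directory (for instance from a stale SSSD cache). This is an added example, not part of the original posts; the function names and the sample users are constructed, and only the `%u`, `%U` and `%%` template sequences are handled.

```shell
#!/bin/sh
# Added example: compare the home field of passwd(5) lines with the path
# expected from an override_homedir template. Supports %u, %U and %% only.

# expand_homedir TEMPLATE LOGIN UIDNUMBER -> prints the expanded path.
# Any other character, including an unsupported %x, is copied unchanged.
expand_homedir() {
    tmpl=$1 user=$2 uid=$3 out=
    while [ -n "$tmpl" ]; do
        case $tmpl in
            %u*) out="${out}${user}"; tmpl=${tmpl#??} ;;
            %U*) out="${out}${uid}";  tmpl=${tmpl#??} ;;
            %%*) out="${out}%";       tmpl=${tmpl#??} ;;
            *)   rest=${tmpl#?}; out="${out}${tmpl%"$rest"}"; tmpl=$rest ;;
        esac
    done
    printf '%s\n' "$out"
}

# check_homes TEMPLATE: reads passwd lines on stdin, prints one MISMATCH
# line per entry whose home differs, and returns 1 if there was any.
check_homes() {
    template=$1 bad=0
    while IFS=: read -r name _pw uid _gid _gecos home _shell; do
        [ -n "$name" ] || continue
        want=$(expand_homedir "$template" "$name" "$uid")
        if [ "$home" != "$want" ]; then
            printf 'MISMATCH %s: got %s, want %s\n' "$name" "$home" "$want"
            bad=1
        fi
    done
    return "$bad"
}

# Constructed sample of getent output: alice is remapped, bob is not.
SAMPLE='alice:*:1668600001:1668600001:Alice Example:/mnt/s1/users/alice:/bin/bash
bob:*:1668600002:1668600002:Bob Example:/home/bob:/bin/bash'

printf '%s\n' "$SAMPLE" | check_homes '/mnt/s1/users/%u' \
    || echo 'some entries still carry the old home directory'
```

On the real system, pipe `getent passwd <ldapuser>` into `check_homes` instead of the sample, since a bare `getent passwd` also lists local accounts that are not expected to match the template.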

Serves me right for reading the documentation! :laughing:

Thanks for sharing! Interestingly the top of my sssd.conf references the nslcd.conf man page. I was able to add override_homedir to the sssd.conf, restart it, clear the cache, and it worked like a charm. Thanks again @HCarnegie !!