
I have set up a 389 Directory Server on CentOS 6. User authentication works fine; however, I have to create individual users on each client machine after creating the user at the directory server.

The pam_mkhomedir.so module seems to create home directories only when the user is already present in the local system.


2 Answers


Finally I got the answer and solution. It is pretty simple. A similar discussion already took place long ago:

How can I require a certain group of users to login via LDAP while letting others use either LDAP or local login?

So here is a snippet of my system-auth file for anyone looking for the same.

account     sufficient    pam_succeed_if.so
account     sufficient    pam_sss.so

session     optional      pam_mkhomedir.so skel=/etc/skel umask=022

Configure your /etc/pam.d/system-auth & /etc/pam.d/password-auth like below.

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     optional      pam_oddjob_mkhomedir.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so
session     optional      pam_sss.so

For a home directory to be created automatically when a user logs in, you can use either the pam_oddjob_mkhomedir module or the pam_mkhomedir module. Because oddjob requires fewer permissions and works well with SELinux, you should always use the pam_oddjob_mkhomedir module. If that module is not installed, then it falls back to the pam_mkhomedir module.

If you are trying to log in using ssh, you have to do the following as well.

Modify /etc/ssh/sshd_config to contain

"UsePam yes"

# service sshd restart
# service oddjobd restart
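As an added check (not code from either answer above), the script below audits a system-auth style file and an sshd_config for what both answers rely on: which mkhomedir module sits in the session stack, the umask that module creates home directories with, and whether sshd has UsePAM enabled. The temporary files and their contents are constructed samples modelled on the two answers; on a real host, point the functions at /etc/pam.d/system-auth, /etc/pam.d/password-auth and /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added audit helper, not from either answer. Sample files below are
# constructed; on a host, pass the real PAM and sshd configuration paths.

# Print which home-directory module the session stack uses:
# "oddjob", "mkhomedir" or "none". Comment lines are ignored and the module
# is matched anywhere on the line, so bracketed controls such as
# [success=1 default=ignore] do not shift the field the module sits in.
pam_mkhomedir_module() {
  grep -v '^[[:space:]]*#' "$1" | awk '
    $1 == "session" && /pam_oddjob_mkhomedir\.so/ { found = "oddjob"; exit }
    $1 == "session" && /pam_mkhomedir\.so/        { found = "mkhomedir"; exit }
    END { print (found == "" ? "none" : found) }'
}

# Print the umask= argument on the mkhomedir line, or "unset" (pam_mkhomedir
# then uses its own default of 0022). 022, as in the first answer, makes every
# new home directory world-readable; 077 keeps it private to the owner.
home_umask() {
  grep -v '^[[:space:]]*#' "$1" | awk '
    $1 == "session" && /mkhomedir\.so/ && !done {
      u = "unset"
      for (i = 4; i <= NF; i++) if ($i ~ /^umask=/) u = substr($i, 7)
      print u; done = 1 }
    END { if (!done) print "unset" }'
}

# Print the effective UsePAM value ("yes", "no" or "unset"). sshd keywords
# are case-insensitive and the first occurrence wins; this mirrors that.
sshd_usepam() {
  grep -v '^[[:space:]]*#' "$1" | awk '
    tolower($1) == "usepam" && !done { print tolower($2); done = 1 }
    END { if (!done) print "unset" }'
}

# Constructed samples: PAM_A follows the first answer, PAM_B the second.
PAM_A=$(mktemp); PAM_B=$(mktemp); SSHD=$(mktemp)
printf 'account sufficient pam_sss.so\nsession optional pam_mkhomedir.so skel=/etc/skel umask=022\n' > "$PAM_A"
printf 'session required pam_limits.so\nsession optional pam_oddjob_mkhomedir.so\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so\n' > "$PAM_B"
printf '# UsePAM no\nusepam yes\n' > "$SSHD"

for f in "$PAM_A" "$PAM_B"; do
  echo "$f: module=$(pam_mkhomedir_module "$f") umask=$(home_umask "$f")"
done
echo "sshd UsePAM: $(sshd_usepam "$SSHD")"
```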