There are Linux PAM modules like pam_oddjob_mkhomedir and the older pam_mkhomedir that do the job of automatically creating a home directory for a user that has not logged in before. This removes the requirement for administrators to manually create home directories for new Linux platform users. Unfortunately this does not work as expected with the SAS Object Spawner as it seems that the sasauth module does not trigger PAM session handling. There is a comment in the sasauth.conf file that confirms this (with respect to the use of Centrify): "Centrify requires that pam_setcred be called. sasauth traditionally has not done this, since there's no "session" like an interactive login." The Configuration Guide for SAS 9.4 Foundation for UNIX Environments also states that “Session and password modules are not supported”. In addition to SAS 9.2, 9.3, and 9.4, this also applies to the SAS Object Spawner used by SAS Studio 4.2 with SAS Viya 3.2
Whilst this no-session would be true for SAS Metadata Server authentication, it doesn't seem correct for the SAS Object Spawner, when launching standard SAS Workspace Servers as the requesting user, since that launch will fail if the user has no home directory.
Can we get the sasauth module enhanced to trigger PAM session handling and avoid the need for workarounds?
See the blog post and comments at https://platformadmin.com/blogs/paul/2017/04/sas-user-linux-home-dir-auto-creation/ for a discussion of why a workaround is necessary because of this.
Thanks
Paul