Enabling Active Directory user logins inside a Docker container

When an Active Directory user logs in to a Docker container, the user's home directory is not created inside the container. You can work around this by doing the following:

  • Share the home directory of the host with the Docker container by specifying "-v /home:/home" in the docker run command. Modify the PAM configuration in the Docker container to invoke pam_mkhomedir.so for PAM session management.
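
One way to apply the PAM change when building the container image, shown as an added example that is not part of the original article. The PAM file path, the skel= and umask= values, the function names and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Assumption: the container's PAM
# session stack is a file such as /etc/pam.d/common-session; the path varies
# by distribution. The container is started with the home share from the page:
#   docker run -v /home:/home <image>     (<image> is a placeholder)

# umask=0077 keeps each created home directory private to its owner.
MKHOMEDIR_LINE='session required pam_mkhomedir.so skel=/etc/skel umask=0077'

# Count active (uncommented) session lines that call pam_mkhomedir.so.
count_active() {
    grep -Ec '^[[:space:]]*-?session[[:space:]].*pam_mkhomedir\.so' "$1" || true
}

# Append the session line once; repeated runs leave the file unchanged.
ensure_mkhomedir() {
    pam_file="$1"
    if [ ! -f "$pam_file" ]; then
        echo "missing PAM file: $pam_file" >&2
        return 1
    fi
    if [ "$(count_active "$pam_file")" -gt 0 ]; then
        return 0
    fi
    # Guard against a file whose last line has no trailing newline.
    if [ -n "$(tail -c 1 "$pam_file")" ]; then
        echo >> "$pam_file"
    fi
    printf '%s\n' "$MKHOMEDIR_LINE" >> "$pam_file"
}

# Constructed sample session stack: the commented-out entry must not count.
demo_dir="$(mktemp -d)"
demo_file="$demo_dir/common-session"
printf '%s\n' '# constructed sample' \
    'session required pam_unix.so' \
    '# session optional pam_mkhomedir.so' > "$demo_file"

ensure_mkhomedir "$demo_file"
ensure_mkhomedir "$demo_file"   # second run is a no-op
echo "active pam_mkhomedir lines: $(count_active "$demo_file")"
```

If an earlier session line in the stack is marked sufficient, the appended line may never be reached, so check the module order in the real file before relying on it.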

Note that the Kerberos credential cache (krb5cc_<uid>, or krb5cc_<unique_id>_<uid>) is created in /tmp on the CoreOS host.