RHEL7 gdm lets users create new accounts?
After an everything install, it appears that gdm has greeter screen offering anyone to create an account on the host. Not good for a NIS/NFS host. I tried the enterprise login, and it failed to log me in (though NIS was already bound to the correct domain, and the user could log in at an alternate text console). Worse, it appeared that it "remembered" the password I typed in. The next try to log in (clicking the "Enterprise Login" button) presented a screen auto-filled with the same user name and appearing to have a password (though dotted-out).
This seems like rather promiscuous behaviour from a display manager.
I installed/enabled kdm (disabled gdm.service), which immediately worked.
What am I missing regarding gnome gdm? Shouldn't it behave more conservatively in an enterprise distribution?
Responses
Hi Bob,
Are you referring to the "firstboot" routine?
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/html/Installation_Guide/chap-initial-setup.html
The RHEL documentation seems to indicate that the user creation screen is present when no user was created during the installation?
In previous versions, firstboot is enabled when you install the X-window groups.
I'm curious if you would have had the same outcome if you had simply rebooted after completing the user auth portion (but not added kdm and disabled gdm). I don't believe it's tied to gdm specifically. Rather it's tied to any Desktop Manager. I have to admit, I rarely build a machine to present a desktop and equally as rarely using the installer (instead of kickstart) - so, I can only assume ;-)
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
