Revision as of 06:53, 10 May 2010

apt-get install libnss-ldap

LDAP server Uniform Resource Identifier: <ldap://ipaddress>
Distinguished name of the search base: <dc=example,dc=com>
LDAP version to use: <3>
LDAP account for root: <cn=admin,dc=example,dc=com>
Make local root Database admin. <Yes>
Does the LDAP database require login? <No>
LDAP account for root: <cn=admin,dc=example,dc=com>

Change these lines in /etc/nsswitch.conf

passwd:         compat ldap
group:          compat ldap

PAM >= 1.0.1-6

Use

pam-auth-update

enable LDAP

PAM <= 1.0.1-6

Replace /etc/pam.d/common-account with:

account         sufficient      pam_unix.so 
account         sufficient      pam_ldap.so 
account         required        pam_deny.so

Replace /etc/pam.d/common-auth with:

auth    required        pam_env.so 
auth    sufficient      pam_unix.so likeauth nullok 
auth    sufficient      pam_ldap.so use_first_pass 
auth    required        pam_deny.so

Replace /etc/pam.d/common-password with:

password        sufficient      pam_unix.so nullok md5 shadow use_authtok 
password        sufficient      pam_ldap.so use_first_pass 
password        required        pam_deny.so

Replace /etc/pam.d/common-session with:

session         required        pam_limits.so
session         required        pam_mkhomedir.so skel=/etc/skel/ umask=0077
session         required        pam_unix.so
session         optional        pam_ldap.so

@@ Line 9: / Line 9: @@
 *Does the LDAP database require login? <No>
 *LDAP account for root: <cn=admin,dc=example,dc=com>
 Change these lines in /etc/nsswitch.conf
 <pre>
@@ Line 14: / Line 15: @@
 group:          compat ldap
 </pre>
+=PAM >= 1.0.1-6=
+Use
+<pre>
+pam-auth-update
+</pre>
+*enable LDAP
+=PAM <= 1.0.1-6=
 Replace /etc/pam.d/common-account with:
 <pre>

Difference between revisions of "LDAP Client"

Revision as of 06:53, 10 May 2010

PAM >= 1.0.1-6

PAM <= 1.0.1-6

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools