LDAP Client

From Maze's wiki
Revision as of 06:43, 10 May 2010 by Admin (talk | contribs) (Created page with '<pre> apt-get install libnss-ldap </pre> *LDAP server Uniform Resource Identifier: <ldap://ipaddress> *Distinguished name of the search base: <dc=example,dc=com> *LDAP version to…')

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search 
apt-get install libnss-ldap
  • LDAP server Uniform Resource Identifier: <ldap://ipaddress>
  • Distinguished name of the search base: <dc=example,dc=com>
  • LDAP version to use: <3>
  • LDAP account for root: <cn=admin,dc=example,dc=com>
  • Make local root Database admin. <Yes>
  • Does the LDAP database require login? <No>
  • LDAP account for root: <cn=admin,dc=example,dc=com>

Change these lines in /etc/nsswitch.conf 

passwd:         compat ldap
group:          compat ldap

Replace /etc/pam.d/common-account with: 

account         sufficient      pam_unix.so 
account         sufficient      pam_ldap.so 
account         required        pam_deny.so

Replace /etc/pam.d/common-auth with: 

auth    required        pam_env.so 
auth    sufficient      pam_unix.so likeauth nullok 
auth    sufficient      pam_ldap.so use_first_pass 
auth    required        pam_deny.so

Replace /etc/pam.d/common-password with: 

password        sufficient      pam_unix.so nullok md5 shadow use_authtok 
password        sufficient      pam_ldap.so use_first_pass 
password        required        pam_deny.so

Replace /etc/pam.d/common-session with: 

session         required        pam_limits.so
session         required        pam_mkhomedir.so skel=/etc/skel/ umask=0077
session         required        pam_unix.so
session         optional        pam_ldap.so
Retrieved from "https://www.zeedijk.net/wiki/index.php?title=LDAP_Client&oldid=55"