Configuring LDAP Clients

Duffy — Thu, 02 Jul 2009 02:59:42 +0000

Install Needed Packages

We need to install the following packages on our LDAP server

apt-get install libnss-ldap libpam-ldap nscd

LDAP Account for root: cn=admin,dc=home,dc=local
Password: your-ldap-admin-password
Make local root database admin: yes
Database require logging in: No
Root login account: cn=admin,dc=home,dc=local
Root login password: your-ldap-admin-password

Configuration Files

/etc/libnss-ldap.conf

nano /etc/libnss-ldap.conf

host IP-OF-LDAP-SERVER
base dc=home,dc=local
bind_policy soft
rootbinddn cn=admin,dc=home,dc=local

/etc/pam_ldap.conf

/etc/pam_ldap.conf

host IP-OF-LDAP-SERVER
base dc=home,dc=local
rootbinddn cn=admin,dc=home,dc=local

Now we need to add pam_ldap so some of the pam configs

nano /etc/pam.d/common-account
account sufficient pam_ldap.so
account required pam_unix.so
#if you want user homedir to be created on first login
#session required pam_mkhomedir.so umask=0022 skel=/etc/skel/ silent

nano /etc/pam.d/common-auth
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure use_first_pass

nano /etc/pam.d/common-password
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure min=4 max=8 md5

nano /etc/pam.d/common-session
session sufficient pam_ldap.so
session required pam_unix.so
session optional pam_foreground.so

Finally we need to edit /etc/nsswitch.conf

nano /etc/nsswitch.conf

passwd:         compat ldap
group:          compat ldap
shadow:         compat ldap

Tuts4Tech » slapd

Configuring LDAP Clients

Install Needed Packages

Configuration Files