SLES 11 SP4
Sponsored Link

Configure LDAP Client
2015/12/02
 
Configure LDAP Client in order to share users' accounts in your local networks.
[1] Install OpenLDAP Client.
www:~ #
zypper -n install openldap2-client pam_ldap* nss_ldap*
www:~ #
vi /etc/ldap.conf
# line 11: comment out

#
host 127.0.0.1
# line 14: change to own domain name

base dc=
srv
,dc=
world
# line 283: comment out

#
ssl start_tls
# add to the end (replace ldap IP address to your own one)

ssl     no
uri     ldap://10.0.0.30
ldap_version    3
pam_filter      objectClass=posixAccount

www:~ #
vi /etc/openldap/ldap.conf
# add to the end (replace ldap IP address to your own one)

BASE    dc=srv,dc=world
URI     ldap://10.0.0.30

www:~ #
vi /etc/pam.d/common-account
# change like follows

account requisite       pam_unix2.so
account sufficient      pam_localuser.so
account required        pam_ldap.so     use_first_pass

www:~ #
vi /etc/pam.d/common-auth
# change like follows

auth    required        pam_env.so
auth    sufficient      pam_unix2.so
auth    required        pam_ldap.so     use_first_pass

www:~ #
vi /etc/pam.d/common-password
# change like follows

password        requisite       pam_pwcheck.so  nullok cracklib
password        sufficient      pam_unix2.so    use_authtok nullok
password        required        pam_ldap.so     try_first_pass use_authtok

www:~ #
vi /etc/pam.d/common-session
# change like follows

session required        pam_limits.so
session required        pam_unix2.so
session optional        pam_ldap.so
session optional        pam_mkhomedir.so
session optional        pam_umask.so

www:~ #
vi /etc/nsswitch.conf
# change like follows

passwd: compat
group:  files ldap

hosts:  files dns
networks:       files dns

services:       files ldap
protocols:      files
rpc:    files
ethers: files
netmasks:       files
netgroup:       files ldap
publickey:      files

bootparams:     files
automount:      files nis
aliases:        files ldap
passwd_compat:  ldap

www:~ #
echo '+::::::' >> /etc/passwd

www:~ #
echo '+' >> /etc/shadow

www:~ #
Welcome to SUSE Linux Enterprise Server 11 SP4  (x86_64) - Kernel 3.0.101-63-default (console).

www login:
suse
# LDAP user

Password:
# password

suse@www:~>
# just logined
suse@www:~>
# try to change password

Changing password for suse.
Enter login(LDAP) password:
# current password

New Password:
# new password

Reenter New Password:
LDAP password information changed for suse
 
Tweet