Configure LDAP Client
2015/12/02 |
Configure LDAP Client in order to share users' accounts in your local networks.
|
|
[1] | Install OpenLDAP Client. |
www:~ #
zypper -n install openldap2-client pam_ldap* nss_ldap*
www:~ #
vi /etc/ldap.conf # line 11: comment out # host 127.0.0.1
# line 14: change to own domain name base dc= srv ,dc=world
# line 283: comment out # ssl start_tls
# add to the end (replace ldap IP address to your own one) ssl no uri ldap://10.0.0.30 ldap_version 3 pam_filter objectClass=posixAccount
www:~ #
vi /etc/openldap/ldap.conf # add to the end (replace ldap IP address to your own one) BASE dc=srv,dc=world URI ldap://10.0.0.30
www:~ #
vi /etc/pam.d/common-account # change like follows
account requisite pam_unix2.so
account sufficient pam_localuser.so
account required pam_ldap.so use_first_pass
www:~ #
vi /etc/pam.d/common-auth # change like follows
auth required pam_env.so
auth sufficient pam_unix2.so
auth required pam_ldap.so use_first_pass
www:~ #
vi /etc/pam.d/common-password # change like follows
password requisite pam_pwcheck.so nullok cracklib
password sufficient pam_unix2.so use_authtok nullok
password required pam_ldap.so try_first_pass use_authtok
www:~ #
vi /etc/pam.d/common-session # change like follows
session required pam_limits.so
session required pam_unix2.so
session optional pam_ldap.so
session optional pam_mkhomedir.so
session optional pam_umask.so
www:~ #
vi /etc/nsswitch.conf # change like follows passwd: compat group: files ldap hosts: files dns networks: files dns services: files ldap protocols: files rpc: files ethers: files netmasks: files netgroup: files ldap publickey: files bootparams: files automount: files nis aliases: files ldap passwd_compat: ldap Welcome to SUSE Linux Enterprise Server 11 SP4 (x86_64) - Kernel 3.0.101-63-default (console).
www login:
suse@www:~> suse # LDAP user Password: # password suse@www:~> # just logined # try to change password Changing password for suse. Enter login(LDAP) password: # current password New Password: # new password Reenter New Password: LDAP password information changed for suse |