Configure LDAP Client
2011/05/02
[1] Configure LDAP Client
root@www:~# aptitude -y install libnss-ldap libpam-ldap ldap-utils
(1) specify LDAP server's URI
(2) specify suffix
(3) specify LDAP version
(4) select the one you like. ( this example selects 'Yes' )
(5) select the one you like. ( this example selects 'No' )
(6) specify LDAP admin account's suffix
(7) specify password for LDAP admin account

root@www:~# vi /etc/nsswitch.conf
# line 7: add
passwd: compat ldap
group: compat ldap
shadow: compat ldap
# line 19: change
netgroup: ldap

root@www:~# vi /etc/pam.d/common-password
# line 26: change ( remove 'use_authtok' )
password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass

root@www:~# vi /etc/pam.d/common-session
# add at the end if needed ( create home directory automatically at first login )
session optional pam_mkhomedir.so skel=/etc/skel umask=077

root@www:~# sysv-rc-conf libnss-ldap on
root@www:~# shutdown -r now

www login: ubuntu # user on LDAP
Password:
Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-8-generic x86_64)
 * Documentation: https://help.ubuntu.com/
The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.
Creating directory '/home/ubuntu'.
ubuntu@www:~$ # logged in
ubuntu@www:~$ passwd # try to change LDAP password
Enter login(LDAP) password: # current password
New password: # new password
Re-enter new password: # confirm
LDAP password information changed for ubuntu
passwd: password updated successfully # just changed
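
A way to check the three edited files for the settings made above, as an added example that is not part of the original page. The function names are hypothetical, and it assumes awk is installed.

```shell
#!/bin/sh
# Added example: audit the files edited in this procedure. Paths are passed in,
# so the checks can run against copies as well as the live files under /etc.

# nss_has_ldap FILE DB: succeed if DB's line in nsswitch.conf lists "ldap".
nss_has_ldap() {
    awk -v db="$2:" '{ sub(/#.*/, "") }
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit !found }' "$1"
}

# pam_ldap_password_ok FILE: succeed if a "password" line calls pam_ldap.so
# and no such line still carries use_authtok (removed in the step above).
pam_ldap_password_ok() {
    awk '{ sub(/#.*/, "") }
        $1 == "password" && /pam_ldap\.so/ { seen = 1; if (/use_authtok/) bad = 1 }
        END { exit !(seen && !bad) }' "$1"
}

# mkhomedir_umask FILE: print the umask= value on the pam_mkhomedir.so session
# line, "unset" if the line has none, nothing if the module is not configured.
mkhomedir_umask() {
    awk '{ sub(/#.*/, "") }
        $1 == "session" && /pam_mkhomedir\.so/ {
            v = "unset"
            for (i = 1; i <= NF; i++) if ($i ~ /^umask=/) v = substr($i, 7)
            print v
        }' "$1"
}

# audit_ldap_client NSSWITCH COMMON_PASSWORD COMMON_SESSION: print findings,
# return 1 if any check fails. pam_mkhomedir is optional, so its absence passes.
audit_ldap_client() {
    rc=0
    for db in passwd group shadow; do
        nss_has_ldap "$1" "$db" || { echo "nsswitch.conf: $db lacks ldap"; rc=1; }
    done
    pam_ldap_password_ok "$2" || { echo "common-password: pam_ldap.so line missing or has use_authtok"; rc=1; }
    u=$(mkhomedir_umask "$3")
    [ -z "$u" ] || [ "$u" = "077" ] || { echo "common-session: pam_mkhomedir umask=$u, expected 077"; rc=1; }
    return "$rc"
}

# Live use: sh audit.sh /etc/nsswitch.conf /etc/pam.d/common-password /etc/pam.d/common-session
if [ "$#" -eq 3 ]; then audit_ldap_client "$@"; fi
```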