# apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db
This series of articles will help you understand the benefits of LDAP as well as how to implement it.
LDAP Basics for Ubuntu
LDAP Server for Ubuntu
LDAP Client for Ubuntu
Once the applications are installed you will need to supply a few answers. Set up the server IP for the LDAP server.
Enter your domain information.
Be sure to list your LDAP version correctly; by default Ubuntu will install version 3.
Allow PAM to behave as it would when changing local passwords.
Allow the LDAP database to be accessible without a password.
Create your administrator account.
Set up your LDAP admin password.
Configure Local Files
You will need to configure several local files for LDAP to work with password information.
Edit /etc/nsswitch.conf
Change the file so that files ldap replaces compat.
#passwd: compat
passwd: files ldap
#group: compat
group: files ldap
If this is working correctly, this command:
getent passwd
should produce output similar to /etc/passwd:
---cut---
mike:x:1000:1000:mike,,,:/home/mike:/bin/bash
snort:x:112:124:Snort IDS:/var/log/snort:/bin/false
postfix:x:113:125::/var/spool/postfix:/bin/false
Edit /etc/pam.d/common-account
You will need to edit the file so you have these two lines.
account sufficient pam_ldap.so
account required pam_unix.so
Edit /etc/pam.d/common-auth
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure use_first_pass
Edit /etc/pam.d/common-password
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure min=4 max=8 md5
This should complete the client setup on Ubuntu 8.04.
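A quick way to confirm that the nsswitch.conf and PAM edits above are in place, as an added example that is not part of the original article. The function names (nss_has_ldap, pam_ldap_first, check_client, make_sample) are hypothetical, the sample tree is constructed from the lines shown in this post, and only the simple sufficient/required form used here is recognized.

```shell
# Added example (hypothetical function names): checks the edits made in this article.

# nss_has_ldap FILE DB: succeeds if the active DB line lists "ldap" as a source.
nss_has_ldap() {
    awk -v db="$2:" '
        { sub(/#.*/, ""); sub(/:/, ": ") }   # drop comments such as "#passwd: compat"
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit !found }
    ' "$1"
}

# pam_ldap_first FILE TYPE: succeeds if "TYPE sufficient pam_ldap.so" appears on an
# earlier line than "TYPE required pam_unix.so", the order this article uses.
pam_ldap_first() {
    awk -v t="$2" '
        { sub(/#.*/, "") }
        $1 == t && $2 == "sufficient" && $3 == "pam_ldap.so" && !l { l = NR }
        $1 == t && $2 == "required"   && $3 == "pam_unix.so" && !u { u = NR }
        END { exit !(l && u && l < u) }
    ' "$1"
}

# check_client ROOT: runs all checks under ROOT/etc, prints one line per check,
# and returns the number of failed checks (0 means every edit is in place).
check_client() {
    root=$1; fails=0
    for db in passwd group; do
        nss_has_ldap "$root/etc/nsswitch.conf" "$db" && r=ok || { r=FAIL; fails=$((fails + 1)); }
        echo "$r nsswitch.conf $db"
    done
    for t in account auth password; do
        pam_ldap_first "$root/etc/pam.d/common-$t" "$t" && r=ok || { r=FAIL; fails=$((fails + 1)); }
        echo "$r pam.d/common-$t"
    done
    return "$fails"
}

# Constructed sample tree holding the lines from this article, so the script runs offline.
make_sample() {
    pd=$1/etc/pam.d; mkdir -p "$pd"
    printf '#passwd: compat\npasswd: files ldap\n#group: compat\ngroup: files ldap\n' > "$1/etc/nsswitch.conf"
    printf 'account sufficient pam_ldap.so\naccount required pam_unix.so\n' > "$pd/common-account"
    printf 'auth sufficient pam_ldap.so\nauth required pam_unix.so nullok_secure use_first_pass\n' \
        > "$pd/common-auth"
    printf 'password sufficient pam_ldap.so\npassword required pam_unix.so nullok obscure min=4 max=8 md5\n' \
        > "$pd/common-password"
}

demo=$(mktemp -d) && make_sample "$demo" && check_client "$demo"; rm -rf "$demo"
```

On a configured client, calling check_client "" runs the same checks against the live /etc files.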