LDAP Authentication Linux PAM lookup
elurex edited this page Mar 24, 2019
·
2 revisions
# Install the NSS LDAP module. debconf then prompts for the values listed
# below, in that order.
# NOTE(review): an ldap:// URI on port 389 is unencrypted unless StartTLS is
# configured, so the bind password and every lookup travel in clear text and
# replies can be forged on the wire. Prefer ldaps:// or StartTLS with
# certificate verification.
# NOTE(review): the password of the account entered for root (cn=admin below)
# is stored on this host. A dedicated account with only the rights this host
# needs exposes less than the directory administrator if the host is compromised.
apt install -y libnss-ldap
ldap://<ldap ip>:389
dc=example,dc=com
3
cn=admin,dc=example,dc=com
<password>
<ok>
Yes
No
cn=admin,dc=example,dc=com
<password>
cat /etc/nsswitch.conf
passwd: compat files ldap
group: compat files ldap
shadow: compat files ldap
gshadow: files
hosts: files dns ldap
networks: files ldap
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
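# Post-install configuration for LDAP-backed NSS/PAM lookups. Run as root.
# Appends are guarded so re-running the snippet does not duplicate lines.

# append_once FILE LINE: add LINE to FILE unless an identical line already exists.
append_once() {
  # grep's stderr is silenced on purpose: a missing FILE just means "not there yet".
  grep -qxF -- "$2" "$1" 2>/dev/null || printf '%s\n' "$2" >> "$1"
}

# Schema mappings and the search bases for users, shadow data and groups.
append_once /etc/libnss-ldap.conf "nss_map_objectclass posixGroup groupOfNames"
append_once /etc/libnss-ldap.conf "nss_map_attribute uniqueMember member"
append_once /etc/libnss-ldap.conf "nss_base_passwd ou=Users,dc=example,dc=com"
append_once /etc/libnss-ldap.conf "nss_base_shadow ou=Users,dc=example,dc=com"
append_once /etc/libnss-ldap.conf "nss_base_group ou=Groups,dc=example,dc=com"

# Create a home directory from /etc/skel at session start.
# NOTE(review): umask=0022 leaves new home directories readable by every other
# account on the host; umask=0077 keeps them private if that is not intended.
append_once /etc/pam.d/common-session "session required pam_mkhomedir.so skel=/etc/skel umask=0022"

# Grant full sudo to members of the "sudoers" group. With "ldap" on the group
# line of nsswitch.conf that group can be served by the directory, so whoever
# can edit the directory (or impersonate the LDAP server on an unencrypted
# link) controls root on this host.
# The rule is written to a drop-in and checked by visudo before installation:
# a malformed line appended straight to /etc/sudoers disables sudo entirely.
# Assumes /etc/sudoers still carries the stock includedir for /etc/sudoers.d.
sudoers_tmp=$(mktemp) &&
  printf '%s\n' "%sudoers ALL=(ALL:ALL) ALL" > "$sudoers_tmp" &&
  visudo -cf "$sudoers_tmp" &&
  install -o root -g root -m 0440 "$sudoers_tmp" /etc/sudoers.d/ldap-sudoers
rm -f -- "$sudoers_tmp"

# Sub-directories added to the /etc/skel skeleton that pam_mkhomedir uses for
# new home directories; -p makes a second run a no-op.
mkdir -p /etc/skel/cache /etc/skel/files /etc/skel/files_trashbin \
  /etc/skel/files_version /etc/skel/thumbnails

# Reboot (runlevel 6), presumably so every running service picks up the new
# NSS and PAM configuration.
init 6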
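# After the reboot, confirm that directory accounts resolve through NSS.
# The original one-liner passed "and", "id" and "test.user" to getent as keys,
# so it is split into the two commands it describes.
getent passwd   # LDAP accounts should appear alongside the local ones
id test.user    # replace test.user with an account that exists in the directory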