I. The experiment environment is as follows:
rhel1: 192.168.10.1 (LDAP server)
rhel2: 192.168.10.2 (LDAP client)
II. Experiment results:
1. Two users Client1 and Client2 on rhel1 can log on to the system on rhel2;
2. After logging on to rhel2, both Client1 and Client2 have their own directories;
III. Lab implementation steps:
(1) rhel1 (LDAP Server) configuration process:
1. Install the LDAP server software package: yum install openldap-servers -y
2. Move the slapd.d directory. Otherwise, subsequent user data cannot be imported (while that directory exists, slapd reads its configuration from it and ignores slapd.conf):
3. Copy the master configuration file and modify the permission:
4. Modify the LDAP master configuration file: vim /etc/openldap/slapd.conf
5. Delete unnecessary files:
6. Generate the db_config file and modify its permissions:
7. Start the LDAP service: /etc/init.d/slapd start
8. Create the users Client1 and Client2 and set their passwords:
9. Install the database migration tool migrationtools:
10. Modify the migrationtools configuration file: vim /usr/share/migrationtools/migrate_common.ph
11. Generate the base.ldif, user.ldif, and group.ldif files:
12. Modify the base.ldif, user.ldif, and group.ldif files:
* vim /usr/share/migrationtools/base.ldif:
* vim /usr/share/migrationtools/user.ldif:
* vim /usr/share/migrationtools/group.ldif; keep only the following lines and delete the rest:
13. Import LDAP user data:
14. To ensure that the client has its own home directory after login, perform the following operations:
* vim /etc/exports
* Start NFS: /etc/init.d/nfs start
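migrationtools writes each account's password hash into the user LDIF as a `userPassword: {crypt}...` line, so the generated file is worth checking before it is imported and left on disk. The script below is an added example, not part of the original article: it reports whether the file is world-readable and which hash scheme each entry carries, using a constructed sample (the suffix dc=example,dc=com, the account svc and the hash strings are placeholders).

```sh
#!/bin/sh
# Added example, not from the article. The suffix dc=example,dc=com, the svc
# account and the hash strings are constructed; entries are abridged.
sample_ldif() {
cat <<'EOF'
dn: uid=client1,ou=People,dc=example,dc=com
uid: client1
userPassword: {crypt}$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH1

dn: uid=client2,ou=People,dc=example,dc=com
uid: client2
userPassword: {crypt}$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH2

dn: uid=svc,ou=People,dc=example,dc=com
uid: svc
userPassword: {crypt}x
EOF
}

# audit_ldif FILE: print one finding per line as "TAG detail".
audit_ldif() {
    ldif=$1
    # The hashes can be attacked offline, so only the owner should read the file.
    if [ -n "$(find "$ldif" -prune -perm -004)" ]; then
        echo "PERM world-readable: $ldif"
    fi
    awk '
        function classify(v,   h) {
            if (substr(v, 1, 7) != "{crypt}")
                return (substr(v, 1, 1) == "{") ? "OTHER" : "CLEARTEXT"
            h = substr(v, 8)
            # x: no hash was taken from /etc/shadow; leading ! or *: locked
            if (h == "" || h == "x" || h ~ /^[!*]/) return "NOLOGIN"
            if (substr(h, 1, 3) == "$6$" || substr(h, 1, 3) == "$5$") return "OK"
            return "WEAK"    # $1$ md5crypt, 13-character DES crypt, unknown
        }
        /^dn: /            { dn = substr($0, 5) }
        /^userPassword:: / { print "ENCODED " dn; next }   # base64 value
        /^userPassword: /  { print classify(substr($0, 15)) " " dn }
    ' "$ldif"
}

# Demo on the constructed sample, written with a typical 0644 mode.
tmp=$(mktemp); sample_ldif > "$tmp"; chmod 644 "$tmp"
audit_ldif "$tmp"
rm -f "$tmp"
```

An entry tagged NOLOGIN cannot authenticate through LDAP until a real hash is set, and a WEAK entry should have its password reset under a stronger crypt scheme.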
(2) rhel2 (LDAP client) configuration steps:
1. Install the LDAP client package: yum install openldap-clients -y
2. Use the authconfig-tui tool to modify the LDAP configuration:
3. Test. Use Client1 or Client2 to log on:
4. The user does not have a home directory after logon. To ensure that the user has a home directory after logon, perform the following operations:
1. vim /etc/auto.master, add the following line:
2. vim /etc/auto.home, add the following lines:
3. Start the autofs and NFS services:
* /etc/init.d/nfs start
* /etc/init.d/autofs start
5. Test again and log on with Client1 or Client2:
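The home directories reach rhel2 through the /etc/exports entry on rhel1, and small differences in that line change which hosts can mount them and with what rights. The script below is an added example, not part of the original article: it audits an exports file against the one expected client, 192.168.10.2, using constructed sample lines (the /home paths and option sets are assumptions).

```sh
#!/bin/sh
# Added example, not from the article. Paths and options are constructed.
# One tight entry followed by three common mistakes.
sample_exports() {
cat <<'EOF'
# home directories for the LDAP users
/home     192.168.10.2(rw,sync,root_squash)
/home2    *(rw,sync)
/home3    192.168.10.2 (rw,sync)
/home4    192.168.10.2(rw,sync,no_root_squash)
EOF
}

# audit_exports FILE CLIENT: print "TAG path client options" per export.
# CLIENT is compared as an exact string; continuation lines are not handled.
audit_exports() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }                  # comment
        NF == 0    { next }                  # blank line
        NF == 1    { print "WORLD", $1, "<any>", "defaults"; next }
        {
            for (i = 2; i <= NF; i++) {
                host = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {                 # split "host(opt,opt)"
                    host = substr($i, 1, p - 1)
                    opts = substr($i, p + 1, length($i) - p - 1)
                }
                tag = "OK"
                if (host != want) tag = "UNEXPECTED-CLIENT"
                # "(opts)" after a space has no host: it applies to everyone
                if (host == "" || host == "*") tag = "WORLD"
                n = split(opts, o, ",")
                for (j = 1; j <= n; j++)
                    if (o[j] == "no_root_squash") tag = tag "+NO_ROOT_SQUASH"
                print tag, $1, (host == "" ? "<any>" : host), (opts == "" ? "defaults" : opts)
            }
        }' "$1"
}

# Demo on the constructed sample.
tmp=$(mktemp); sample_exports > "$tmp"
audit_exports "$tmp" 192.168.10.2
rm -f "$tmp"
```

The /home3 line yields two findings because the space before the parenthesis gives 192.168.10.2 only the default options while granting rw,sync to every host.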
This article is from the "O & M learning" blog; please be sure to keep this source: http://maofan.blog.51cto.com/9212198/1560300
Centralized user authentication LDAP