Configure Ubuntu to use ldap Authentication

Source: Internet
Author: User

Configure Ubuntu to use ldap authentication to pass ldap authentication to make it an ldap client. In this tutorial, the environment is ubuntu 12.04. I. Manual configuration method 1. Software Installation: during the installation of the Java code apt-get install ldap-utils libpam-ldap libnss-ldap nslcd, the following information is displayed: ldap server address, base dc, etc. The information is stored in/etc/ldap. in the conf file, you can use dpkg-reconfigure ldap-auth-config to reconfigure it. In the format of ldap service uri, ldap: // ldapServerIP/search base: dc = my, dc = com, dc = cnroot ldap account: cn = admin, dc = my, dc = com, dc = cn 2. Add ldap in Authentication Mode: Java code root @ ldapclient :~ # Auth-client-config-t nss-p lac_ldap 3. After authentication is passed, the user's home directory is automatically created: Java code vi/etc/pam. d/common-session, Append content: session required pam_mkhomedir.so skel =/etc/skel umask = 0022 4. Configure to enable the ldap Authentication Mode Java code root @ ldapclient :~ # Pam-auth-update 5. Execute the Java code update-rc.d nslcd enable 6. Configure to change the user password on the local machine via passwd: Java code vi/etc/pam. d/common-password, excluding use_authtok parameter 7. Restart related services: Java code/etc/init. d/nscd restart 8. authentication is performed through ldap upon login or User Switching. For example, switch to User manager in ldap: Java code user1 @ ldapclient :~ $ Su-manager Password: ***** Creating directory '/home/Manager'. manager @ ldapclient :~ $ See http://askubuntu.com/questions/127389/how-to-configure-ubuntu-as-an-ldap-client 2, script configuration mode if you need to configure a lot of machines, the use of manual configuration is not appropriate, you can run the following shell script on the machine to be configured for automatic configuration: C code #! /Bin/bash # protocol # Ldap server address and base DN LDAP_SERVER_IP = 192.168.1.100 BASE_DN = 'DC = my, dc = com, dc = cn' # Prepare # create preseed file-software installation self-response touch debconf-ldap-preseed.txt echo "ldap-auth-config/ldapns/ldap-server string ldap: // $ LDAP_SERVER_IP "> debconf-ldap-preseed.txt echo" ldap-auth-config/ldapns/base-dn string $ BASE_DN "> debconf-ldap-preseed.txt echo" ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3> debconf-ldap-preseed.txt echo "ldap-auth-config/dbrootlogin boolean false"> debconf-ldap-preseed.txt echo "ldap-auth -config ldap-auth-config/dblogin boolean false "> debconf-ldap-preseed.txt echo" nslcd/ldap-uris string ldap: // $ LDAP_SERVER_IP "> debconf-ldap-preseed.txt echo" nslcd/ldap-base string $ BASE_DN "> debconf-ldap-preseed.txt cat debconf-ldap-preseed.txt | debconf-set-selections # Install ldap client related software apt-get install-y ldap-utils libpam-ldap libnss-ldap nslcd # Add ldap auth-client-config-t nss-p lac_ldap in Authentication Mode # automatically create echo in the user's home directory after Logon "session required pam_mkhomedir.so skel =/etc/skel umask = 0022">/etc/pam. d/common-session # self-starting service update-rc.d nslcd enable # You can change the user password cp/etc/pam on the Host through passwd. d/common-password/etc/pam. d/common-password.bak sed-I's/use_authtok // '/etc/pam. d/common-password # Make the configuration take effect/etc/init. d/nscd restart

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.