# #自动挂载在ldap用户家目录 # # #
This section requires only two scripts to get it done!
# #脚本能成功创立ldapuser1用户 # # #
[Email protected] ~]# vim auth-config.sh
echo "Install packages ..."
Yum Install SSSD krb5-workstation-y &>/dev/null
echo "Config authconfig ..."
Authconfig \ Use men to view parameter steps
--ENABLELDAP \
--ENABLEKRB5 \
--disableldapauth \
--ENABLELDAPTLS \
--ldapserver= "classroom.example.com" \
--ldapbasedn= "dc=example,dc=com" \
--LDAPLOADCACERT=HTTP://172.25.254.254/PUB/EXAMPLE-CA.CRT \
--krb5realm= "example.com" \
--krb5kdc= "classroom.example.com" \
--krb5adminserver= "classroom.example.com" \
--update
echo "Complete ~"
[Email protected] ~]# sh auth-config.sh # #执行脚本
Install packagess ...
Config authconfig ...
Complete ~
[[email protected] ~]# ID ldapuser1
uid=1701 (Ldapuser1) gid=1701 (ldapuser1) groups=1701 (ldapuser1)
[Email protected] ~]# Su-ldapuser1 # #切换用户
Su:warning:cannot Change directory to/home/guests/ldapuser1:no such file or directory
Mkdir:cannot Create directory '/home/guests ': Permission denied
-bash-4.2$ # #进入但不能执行命令
-bash-4.2$ exit
Logout
Or use the graphical interface to manually select
Command: Authconfig-tui
650) this.width=650; "Src=" https://s1.51cto.com/wyfs02/M02/93/17/wKiom1kIEySQEohNAARvYaE9Liw371.png-wh_500x0-wm_ 3-wmp_4-s_601163001.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-04-24.png "alt=" Wkiom1kieysqeohnaarvyae9liw371.png-wh_50 "/>
650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M02/93/15/wKioL1kIEyTizy7tAAEccG_e3YM311.png-wh_500x0-wm_ 3-wmp_4-s_462983375.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-04-39.png "alt=" Wkiol1kieytizy7taaeccg_e3ym311.png-wh_50 "/>
650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M02/93/17/wKiom1kIEyXi7ztzAAIQxokIjfw750.png-wh_500x0-wm_ 3-wmp_4-s_582668776.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-06-02.png "alt=" Wkiom1kieyxi7ztzaaiqxokijfw750.png-wh_50 "/>
[Email protected] ~]# vim auth-config.sh
#!/bin/bash
echo "Install packages ..."
Yum Install SSSD krb5-workstation autofs-y &>/dev/null
echo "Config authconfig ..."
Authconfig \
--ENABLELDAP \
--ENABLEKRB5 \
--disableldapauth \
--ENABLELDAPTLS \
--ldapserver= "classroom.example.com" \
--ldapbasedn= "dc=example,dc=com" \
--LDAPLOADCACERT=HTTP://172.25.254.254/PUB/EXAMPLE-CA.CRT \
--krb5realm= "example.com" \
--krb5kdc= "classroom.example.com" \
--krb5adminserver= "classroom.example.com" \
--update
echo "Config AutoFS ..."
echo "/home/guests/etc/auto.ldap" >>/etc/auto.master ##>> refers to append, otherwise the original file will be overwritten
echo "* 172.25.254.254:/home/gu ests/& ">>/etc/auto.ldap # #作用: Give a User a root
Systemctl Restart AutoFS
echo "Complete ~"
[Email protected] ~]# Su-ldapuser1 # #用户完全成功切换
Last Login:sun April 04:36:47 EDT on PTS/1
[[Email protected] ~]$ exit
Logout
Or use the command step
Command: Vim/etc/auto.master
650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M01/93/17/wKiom1kIE42ySuY-AANQlAqyg-0238.png-wh_500x0-wm_ 3-wmp_4-s_680270791.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-10-48.png "alt=" Wkiom1kie42ysuy-aanqlaqyg-0238.png-wh_50 "/>
Command: VIM/ETC/AUTO.LDAP
650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M00/93/15/wKioL1kIE46Rczc8AAAvPk-VvVo305.png-wh_500x0-wm_ 3-wmp_4-s_570835932.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-11-10.png "alt=" Wkiol1kie46rczc8aaavpk-vvvo305.png-wh_50 "/>
This article is from the "aely Wood" blog, please make sure to keep this source http://12768057.blog.51cto.com/12758057/1921094
Linux 2 unit8 LDAP network user account