Linux 2 unit8 LDAP network user account

# #自动挂载在ldap用户家目录 # # #

This section requires only two scripts to get it done!

# #脚本能成功创立ldapuser1用户 # # #

[Email protected] ~]# vim auth-config.sh

echo "Install packages ..."

Yum Install SSSD krb5-workstation-y &>/dev/null

echo "Config authconfig ..."

Authconfig \ Use men to view parameter steps

--ENABLELDAP \

--ENABLEKRB5 \

--disableldapauth \

--ENABLELDAPTLS \

--ldapserver= "classroom.example.com" \

--ldapbasedn= "dc=example,dc=com" \

--LDAPLOADCACERT=HTTP://172.25.254.254/PUB/EXAMPLE-CA.CRT \

--krb5realm= "example.com" \

--krb5kdc= "classroom.example.com" \

--krb5adminserver= "classroom.example.com" \

--update

echo "Complete ~"

[Email protected] ~]# sh auth-config.sh # #执行脚本

Install packagess ...

Config authconfig ...

Complete ~

[[email protected] ~]# ID ldapuser1

uid=1701 (Ldapuser1) gid=1701 (ldapuser1) groups=1701 (ldapuser1)

[Email protected] ~]# Su-ldapuser1 # #切换用户

Su:warning:cannot Change directory to/home/guests/ldapuser1:no such file or directory

Mkdir:cannot Create directory '/home/guests ': Permission denied

-bash-4.2$ # #进入但不能执行命令

-bash-4.2$ exit

Logout

Or use the graphical interface to manually select

Command: Authconfig-tui

650) this.width=650; "Src=" https://s1.51cto.com/wyfs02/M02/93/17/wKiom1kIEySQEohNAARvYaE9Liw371.png-wh_500x0-wm_ 3-wmp_4-s_601163001.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-04-24.png "alt=" Wkiom1kieysqeohnaarvyae9liw371.png-wh_50 "/>

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M02/93/15/wKioL1kIEyTizy7tAAEccG_e3YM311.png-wh_500x0-wm_ 3-wmp_4-s_462983375.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-04-39.png "alt=" Wkiol1kieytizy7taaeccg_e3ym311.png-wh_50 "/>

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M02/93/17/wKiom1kIEyXi7ztzAAIQxokIjfw750.png-wh_500x0-wm_ 3-wmp_4-s_582668776.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-06-02.png "alt=" Wkiom1kieyxi7ztzaaiqxokijfw750.png-wh_50 "/>

[Email protected] ~]# vim auth-config.sh

#!/bin/bash

echo "Install packages ..."

Yum Install SSSD krb5-workstation autofs-y &>/dev/null

echo "Config authconfig ..."

Authconfig \

--ENABLELDAP \

--ENABLEKRB5 \

--disableldapauth \

--ENABLELDAPTLS \

--ldapserver= "classroom.example.com" \

--ldapbasedn= "dc=example,dc=com" \

--LDAPLOADCACERT=HTTP://172.25.254.254/PUB/EXAMPLE-CA.CRT \

--krb5realm= "example.com" \

--krb5kdc= "classroom.example.com" \

--krb5adminserver= "classroom.example.com" \

--update

echo "Config AutoFS ..."

echo "/home/guests/etc/auto.ldap" >>/etc/auto.master ##>> refers to append, otherwise the original file will be overwritten

echo "* 172.25.254.254:/home/gu ests/& ">>/etc/auto.ldap # #作用: Give a User a root

Systemctl Restart AutoFS

echo "Complete ~"

[Email protected] ~]# Su-ldapuser1 # #用户完全成功切换

Last Login:sun April 04:36:47 EDT on PTS/1

[[Email protected] ~]$ exit

Logout

Or use the command step

Command: Vim/etc/auto.master

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M01/93/17/wKiom1kIE42ySuY-AANQlAqyg-0238.png-wh_500x0-wm_ 3-wmp_4-s_680270791.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-10-48.png "alt=" Wkiom1kie42ysuy-aanqlaqyg-0238.png-wh_50 "/>

Command: VIM/ETC/AUTO.LDAP

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M00/93/15/wKioL1kIE46Rczc8AAAvPk-VvVo305.png-wh_500x0-wm_ 3-wmp_4-s_570835932.png "style=" Float:none; "title=" screenshot from 2017-04-30 15-11-10.png "alt=" Wkiol1kie46rczc8aaavpk-vvvo305.png-wh_50 "/>

This article is from the "aely Wood" blog, please make sure to keep this source http://12768057.blog.51cto.com/12758057/1921094

Linux 2 unit8 LDAP network user account