Ubuntu Login via LDAP integrated AD domain account (LIBNSS-LDAP mode)

Ubuntu Login via LDAP integrated AD domain account (LIBNSS-LDAP mode):

# Apt-get Install Libnss-ldap (Middle Direct enter, ignore)

# vi/etc/nsswitch.conf

Passwd:files LDAP

Group:files LDAP

Shadow:files LDAP

: Wq

# vi/etc/ldap.conf

Base dc=ming,dc=com

URI ldap://

BINDDN cn=ldapadmin,cn=users,dc=ming,dc=com

BINDPW xxxxxxx

(The following default is commented out, need to be enabled)

# RFC 2307 (AD) mappings

Nss_map_objectclass Posixaccount User

Nss_map_objectclass Shadowaccount User

Nss_map_attribute UID sAMAccountName

Nss_map_attribute homedirectory Unixhomedirectory

Nss_map_attribute Shadowlastchange PwdLastSet

Nss_map_objectclass Posixgroup Group

Nss_map_attribute Uniquemember Member

Pam_login_attribute sAMAccountName

Pam_filter Objectclass=user

Pam_password AD

: Wq


Automatically create user home directory after authentication:

# vi/etc/pam.d/common-session

Session Required Pam_mkhomedir.so Skel=/etc/skel umask=0022

: Wq

# getent passwd

# Su-zhi.yang

