Binding a RHEL LDAP Client to a Sun Directory Server

From Brandonhutchinson.com

Revision as of 15:06, 21 February 2008

In this example, I bind a RHEL 3 AS client to a Sun Directory Server Enterprise Edition 6.2 LDAP Server. The following values are used in this example:

  • LDAP servers: 10.209.128.40, 10.205.0.30
  • BaseDN: dc=dev,dc=example,dc=com
  • pam_ldap is used, so the username and password provided during login are used as the bindDN for authentication; proxyagent authentication is not used

authconfig

The first step is to run authconfig to configure /etc/nsswitch.conf and /etc/pam.d/system-auth.

# authconfig --enableldap --enableldapauth --ldapserver="10.209.128.40 10.205.0.30" --ldapbasedn="dc=dev,dc=example,dc=com" --kickstart

OpenSSH

The next step is to configure OpenSSH to use PAM. Make sure PAMAuthenticationViaKbdInt yes exists in /etc/ssh/sshd_config and reload the configuration with /sbin/service sshd reload.
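
To confirm that both steps took effect, the following added example (not part of the original page) checks the three files named above for active, uncommented LDAP and PAM settings. The function names are hypothetical, and the expected nsswitch.conf and system-auth line formats are assumptions about what authconfig writes.

```shell
#!/bin/sh
# Added example, not from the original page: audit the files this page configures.
# Defaults are the paths named on the page; override the variables to test copies.
NSSWITCH=${NSSWITCH:-/etc/nsswitch.conf}
SYSTEM_AUTH=${SYSTEM_AUTH:-/etc/pam.d/system-auth}
SSHD_CONFIG=${SSHD_CONFIG:-/etc/ssh/sshd_config}

# Print FILE with comments and blank lines removed, so disabled settings are ignored.
active_lines() {
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" 2>/dev/null
}

# True if "ldap" is listed as a source for NSS database $1 (passwd, shadow, group).
nss_uses_ldap() {
    active_lines "$NSSWITCH" |
        grep -E "^[[:space:]]*$1:.*[[:space:]]ldap([[:space:]]|\$)" >/dev/null
}

# True if the PAM stack for module type $1 references pam_ldap.so.
pam_uses_ldap() {
    active_lines "$SYSTEM_AUTH" |
        grep -E "^[[:space:]]*$1[[:space:]].*pam_ldap\.so" >/dev/null
}

# True if the first active PAMAuthenticationViaKbdInt line says "yes".
# sshd uses the first value it reads for a keyword; keywords are case-insensitive.
sshd_pam_kbdint() {
    active_lines "$SSHD_CONFIG" |
        awk 'tolower($1) == "pamauthenticationviakbdint" { v = $2; exit }
             END { exit !(v == "yes") }'
}

# Run every check, report each failure, return non-zero if any check failed.
# Assumption: authconfig adds pam_ldap.so to the auth, account and password stacks.
audit_ldap_client() {
    fail=0
    for db in passwd shadow group; do
        nss_uses_ldap "$db" || { echo "FAIL: $NSSWITCH: $db has no ldap source"; fail=1; }
    done
    for t in auth account password; do
        pam_uses_ldap "$t" || { echo "FAIL: $SYSTEM_AUTH: no pam_ldap.so for $t"; fail=1; }
    done
    sshd_pam_kbdint ||
        { echo "FAIL: $SSHD_CONFIG: PAMAuthenticationViaKbdInt is not yes"; fail=1; }
    return $fail
}
```

Source the file and run audit_ldap_client as root after the sshd reload; it prints nothing and returns 0 when all three files are configured as described.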
