Binding a RHEL LDAP Client to a Sun Directory Server
From Brandonhutchinson.com
Revision as of 15:06, 21 February 2008
In this example, I bind a RHEL 3 AS client to a Sun Directory Server Enterprise Edition 6.2 LDAP Server. The following values are used in this example:
- LDAP servers: 10.209.128.40, 10.205.0.30
- BaseDN: dc=dev,dc=example,dc=com
- pam_ldap is used, so the username and password provided during login are used as the bindDN for authentication; proxyagent authentication is not used
authconfig
The first step is to run authconfig to configure /etc/nsswitch.conf and /etc/pam.d/system-auth.
# authconfig --enableldap --enableldapauth --ldapserver="10.209.128.40 10.205.0.30" --ldapbasedn="dc=dev,dc=example,dc=com" --kickstart
OpenSSH
The next step is to configure OpenSSH to use PAM. Make sure PAMAuthenticationViaKbdInt yes exists in /etc/ssh/sshd_config and reload the configuration with /sbin/service sshd reload.
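To confirm both steps took effect before testing a login, the three files named above can be checked with a short script. This is an added example, not part of the original page; the function names and the ROOT argument are hypothetical, and it assumes authconfig lists ldap for passwd, shadow and group and adds pam_ldap.so to the auth, account and password stacks.

```sh
#!/bin/sh
# Added example: check the files touched by authconfig and the sshd setting.
# ROOT (hypothetical) is a directory prefix, so a copy of /etc can be checked.

# nss_has_ldap ROOT DB: succeeds if DB's nsswitch.conf line lists "ldap"
nss_has_ldap() {
    awk -v db="$2:" '
        { sub(/#.*/, "") }                      # ignore comments
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit found ? 0 : 1 }' "$1/etc/nsswitch.conf"
}

# pam_uses_ldap ROOT TYPE: succeeds if an active TYPE line loads pam_ldap.so
pam_uses_ldap() {
    awk -v t="$2" '
        { sub(/#.*/, "") }
        $1 == t && $0 ~ /pam_ldap\.so/ { found = 1 }
        END { exit found ? 0 : 1 }' "$1/etc/pam.d/system-auth"
}

# sshd_kbdint_pam ROOT: sshd uses the first value it reads for a keyword and
# matches keywords case-insensitively, so only the first active line counts.
sshd_kbdint_pam() {
    awk '
        { sub(/#.*/, "") }
        tolower($1) == "pamauthenticationviakbdint" { v = tolower($2); exit }
        END { exit v == "yes" ? 0 : 1 }' "$1/etc/ssh/sshd_config"
}

# check_ldap_client ROOT: print each failed check; return 0 only if all pass
check_ldap_client() {
    root=${1%/}; rc=0
    for db in passwd shadow group; do
        nss_has_ldap "$root" "$db" ||
            { echo "FAIL nsswitch.conf: $db does not list ldap"; rc=1; }
    done
    for t in auth account password; do      # assumed set of stacks, see above
        pam_uses_ldap "$root" "$t" ||
            { echo "FAIL system-auth: no pam_ldap.so line for $t"; rc=1; }
    done
    sshd_kbdint_pam "$root" ||
        { echo "FAIL sshd_config: PAMAuthenticationViaKbdInt is not yes"; rc=1; }
    return $rc
}

# Run against the live system with: sh thisfile --check /
if [ "${1:-}" = "--check" ]; then check_ldap_client "${2:-/}"; fi
```

A commented-out PAMAuthenticationViaKbdInt line, or a "no" that appears before a later "yes", is reported as a failure.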
