Binding a RHEL LDAP Client to a Sun Directory Server
From Brandonhutchinson.com
(Difference between revisions)
| (4 intermediate revisions not shown.) | |||
| Line 1: | Line 1: | ||
| + | === Overview === | ||
| + | |||
In this example, I bind a RHEL 3 AS client to a Sun Directory Server Enterprise Edition 6.2 LDAP Server. The following values are used in this example: | In this example, I bind a RHEL 3 AS client to a Sun Directory Server Enterprise Edition 6.2 LDAP Server. The following values are used in this example: | ||
| Line 4: | Line 6: | ||
* BaseDN: dc=dev,dc=example,dc=com | * BaseDN: dc=dev,dc=example,dc=com | ||
* pam_ldap is used, so the username and password provided during login is used as the bindDN for authentication; proxyagent authentication is not used | * pam_ldap is used, so the username and password provided during login is used as the bindDN for authentication; proxyagent authentication is not used | ||
| + | * AutoFS is configured to use the LDAP ''auto_home'' map | ||
=== authconfig === | === authconfig === | ||
| - | The first step is to run ''authconfig'' to configure ''/etc/nsswitch.conf'' and ''/etc/pam.d/system-auth''. | + | The first step is to run ''authconfig'' to configure ''/etc/nsswitch.conf'' and ''/etc/pam.d/system-auth'' for ''pam_ldap''. |
# '''authconfig --enableldap --enableldapauth --ldapserver="10.209.128.40 10.205.0.30" --ldapbasedn="dc=dev,dc=example,dc=com" --kickstart''' | # '''authconfig --enableldap --enableldapauth --ldapserver="10.209.128.40 10.205.0.30" --ldapbasedn="dc=dev,dc=example,dc=com" --kickstart''' | ||
| Line 13: | Line 16: | ||
The next step is to configure OpenSSH to use PAM. Make sure '''PAMAuthenticationViaKbdInt yes''' exists in ''/etc/ssh/sshd_config'' and reload the configuration with '''/sbin/service sshd reload'''. | The next step is to configure OpenSSH to use PAM. Make sure '''PAMAuthenticationViaKbdInt yes''' exists in ''/etc/ssh/sshd_config'' and reload the configuration with '''/sbin/service sshd reload'''. | ||
| + | |||
| + | === AutoFS === | ||
| + | |||
| + | The following entry is added to ''/etc/auto.master'' to use the LDAP ''auto_home'' map for home directories. The ''quota'' mount option is used for each ''/home'' mount. | ||
| + | /home ldap:automountMapName=auto_home,dc=dev,dc=mrds,dc=unix,dc=navitaire,dc=com quota | ||
| + | |||
| + | === Links === | ||
| + | * [http://www.linux-consulting.com/Amd_AutoFS/autofs.html Autofs Automounter HOWTO] | ||
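Review bot: The added ''/etc/auto.master'' entry uses the suffix dc=dev,dc=mrds,dc=unix,dc=navitaire,dc=com, which does not match the BaseDN dc=dev,dc=example,dc=com listed in the Overview and passed to authconfig via --ldapbasedn. Either use the example BaseDN in this entry as well, or add a sentence stating that the auto_home map lives under a different suffix, so readers can tell which value to substitute.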
Current revision
Overview
In this example, I bind a RHEL 3 AS client to a Sun Directory Server Enterprise Edition 6.2 LDAP Server. The following values are used in this example:
- LDAP servers: 10.209.128.40, 10.205.0.30
- BaseDN: dc=dev,dc=example,dc=com
- pam_ldap is used, so the username and password provided during login are used as the bindDN for authentication; proxyagent authentication is not used
- AutoFS is configured to use the LDAP auto_home map
authconfig
The first step is to run authconfig to configure /etc/nsswitch.conf and /etc/pam.d/system-auth for pam_ldap.
# authconfig --enableldap --enableldapauth --ldapserver="10.209.128.40 10.205.0.30" --ldapbasedn="dc=dev,dc=example,dc=com" --kickstart
OpenSSH
The next step is to configure OpenSSH to use PAM. Make sure PAMAuthenticationViaKbdInt yes exists in /etc/ssh/sshd_config and reload the configuration with /sbin/service sshd reload.
AutoFS
The following entry is added to /etc/auto.master to use the LDAP auto_home map for home directories. The quota mount option is used for each /home mount.
/home ldap:automountMapName=auto_home,dc=dev,dc=mrds,dc=unix,dc=navitaire,dc=com quota
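
A check of the client files touched by the steps above, as an added example that is not part of the original page. The function name, the ROOT argument (a copy of the filesystem root, or "" for the live system) and the output labels are assumptions of this example; the `ssl` warning assumes the pam_ldap `ssl` directive in /etc/ldap.conf and is only reported, because with pam_ldap the login password is sent in the LDAP bind.

```shell
#!/bin/sh
# Added example: verify the files changed by authconfig, the sshd step and the
# AutoFS step. Prints failed checks (and warn: items); returns 0 if none failed.
check_ldap_client() {
    root=$1; base=$2; failed=""; warn=""

    # nsswitch.conf: passwd, shadow and group must list ldap as a source.
    for db in passwd shadow group; do
        grep -Eq "^${db}:.*[[:space:]]ldap([[:space:]]|\$)" \
            "$root/etc/nsswitch.conf" 2>/dev/null || failed="$failed nsswitch:$db"
    done

    # system-auth: pam_ldap.so must appear in the auth stack.
    grep -Eq '^auth[[:space:]].*pam_ldap\.so' \
        "$root/etc/pam.d/system-auth" 2>/dev/null || failed="$failed pam:auth"

    # ldap.conf: base must equal the BaseDN given to authconfig.
    # (Assumes the DN holds no regex metacharacters, as in this page's example.)
    grep -Eiq "^base[[:space:]]+${base}[[:space:]]*\$" \
        "$root/etc/ldap.conf" 2>/dev/null || failed="$failed ldap.conf:base"

    # ldap.conf: warn when neither "ssl start_tls" nor "ssl on" is set, since
    # the bind then carries the user's password without transport protection.
    grep -Eiq '^ssl[[:space:]]+(start_tls|on)([[:space:]]|$)' \
        "$root/etc/ldap.conf" 2>/dev/null || warn="warn:ldap.conf:ssl"

    # sshd_config: the option must be present and not commented out.
    grep -Eiq '^[[:space:]]*PAMAuthenticationViaKbdInt[[:space:]]+yes' \
        "$root/etc/ssh/sshd_config" 2>/dev/null || failed="$failed sshd:pam"

    # auto.master: /home must be served from the LDAP auto_home map.
    awk '$1 == "/home" && $2 ~ /^ldap:automountMapName=auto_home,/ { ok = 1 }
         END { exit !ok }' "$root/etc/auto.master" 2>/dev/null \
        || failed="$failed autofs:/home"

    set -- $failed $warn      # collapse to a single space-separated line
    echo "$*"
    [ -z "$failed" ]
}
```

Run it as root on the client with `check_ldap_client "" "dc=dev,dc=example,dc=com"`; an empty output line means every check passed and TLS is configured.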
