System LDAP client
Install the ldap PAM/NSS packages
- Install nss ldap with rpm -ivh ldap_nss
- Install pam ldap with rpm -ivh ldap_pam
Edit /etc/ldap.conf to set the server and search base
Activate nss/pam - system directory services
- Warning: Before you begin, make sure you have one console/terminal
with root access open on your system. Don't use this terminal for
testing. If anything breaks (i.e. your root password is no longer
accepted by the system), you can copy back the original config files
from this "original root" terminal to fix it. Also note that PAM and
NSS are two different concepts; you don't have to enable both to
test it.
- Back up /etc/pam.d/
- Back up /etc/nsswitch.conf
- It may be a good idea to back up the whole /etc (and maybe also the
whole server...)
- Enable PAM
- Copy /usr/doc/pam_ldap-x/pam.d/ to /etc/pam.d/
- Enable NSS
- Copy /usr/doc/nss_ldap-x/nsswitch.ldap to /etc/nsswitch.conf
Test nss/pam
- Log in from another terminal, and check the server log. slapd should receive
queries for the user you log in as.
- Running netstat will also generate connections to slapd, because it resolves
addresses and services through it.
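
The backup and roll-back steps above, written as shell functions. This is an added example, not part of the original page. ETC_ROOT, BACKUP_ROOT, the function names and the pam.d.new / pam.d.ldap-failed directory names are assumptions chosen for illustration; run the functions from the "original root" terminal.

```shell
#!/bin/sh
# Added example: snapshot and roll back the files this procedure replaces.
# ETC_ROOT and BACKUP_ROOT are assumed names; the defaults match the text.
ETC_ROOT="${ETC_ROOT:-/etc}"
BACKUP_ROOT="${BACKUP_ROOT:-/root/ldap-client-backup}"

# Copy pam.d/ and nsswitch.conf into a new timestamped directory that only
# root can read, keeping owner and mode, and print the directory's path.
backup_auth_config() {
    dest="$BACKUP_ROOT/$(date +%Y%m%d-%H%M%S)-$$"
    mkdir -p "$dest" || return 1
    chmod 700 "$dest" || return 1
    cp -pR "$ETC_ROOT/pam.d" "$dest/pam.d" || return 1
    cp -p "$ETC_ROOT/nsswitch.conf" "$dest/nsswitch.conf" || return 1
    echo "$dest"
}

# Return 0 if the live files are identical to snapshot $1, non-zero if they
# differ. The diff output shows exactly what the LDAP templates changed.
changed_since() {
    diff -r "$1/pam.d" "$ETC_ROOT/pam.d" &&
        diff "$1/nsswitch.conf" "$ETC_ROOT/nsswitch.conf"
}

# Put snapshot $1 back. The replaced pam.d is kept as pam.d.ldap-failed so
# the broken configuration can be inspected afterwards.
restore_auth_config() {
    src="$1"
    [ -d "$src/pam.d" ] && [ -f "$src/nsswitch.conf" ] || {
        echo "not a snapshot: $src" >&2
        return 1
    }
    rm -rf "$ETC_ROOT/pam.d.new" "$ETC_ROOT/pam.d.ldap-failed"
    # Stage the copy first so pam.d is only missing between the two renames.
    cp -pR "$src/pam.d" "$ETC_ROOT/pam.d.new" || return 1
    mv "$ETC_ROOT/pam.d" "$ETC_ROOT/pam.d.ldap-failed" || return 1
    mv "$ETC_ROOT/pam.d.new" "$ETC_ROOT/pam.d" || return 1
    cp -p "$src/nsswitch.conf" "$ETC_ROOT/nsswitch.conf"
}

# Typical use, from the root terminal you keep open:
#   snap=$(backup_auth_config)      # before "Enable PAM" / "Enable NSS"
#   changed_since "$snap"           # review what was changed
#   restore_auth_config "$snap"     # if logins stop working
```

Restoring swaps in a full copy of the snapshot rather than copying over the live directory, so any file the LDAP templates added to /etc/pam.d/ is removed as well.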