FedoraDirectoryServerClientHowto

Differences between revisions 11 and 13 (spanning 2 versions)
Revision 11 as of 2006-03-02 11:48:59
Size: 4245
Editor: 54
Comment:
Revision 13 as of 2006-03-02 12:11:05
Size: 4995
Editor: 54
Comment:
Deletions are marked like this. Additions are marked like this.
Line 147: Line 147:

== Setup your server for NFS Exports ==

In the Ubuntu server to which your have install Fedora-ds we need to export users home diretories via NFS

To install NFS server

{{{
sudo apt-get install kernel-nfs-server
}}}

To export the file system, setup {{{/etc/exports}}}.

{{{
sudo vi /etc/exports
}}}

Add the following code segment into the file.

{{{

}}}

== Insta
Line 151: Line 176:
== Con the auto.home ==

so that it will mount home directory form the host 10.0.0.1 acording to example scenario. Change your setup appropruatly.



# This is for mounting user homes over NFS
# Format = key [-mount-options-separated-by-comma] location

* -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 im:/ahome/&

Introduction

This howto is based on my FedoraDirectoryServer howto and I am going to tell you here how you are going to connect Ubuntu clients with Fedora-ds installed in another Ubuntu server. I will stic to the the following example scenario. Change your setting appropriately.

My test setup is like this:

attachment:fossedulan.jpg

Installing LDAP Client Packages

We need to install necessary client packages and setup them initially. To install all packages: 

  sudo apt-get install libpam-ldap libnss-ldap

During the installtion it will ask few questions and don't worry about them but keep accepting the default settings since we are going to modify them manually later.

Configuring Configuring nsswitch.conf file

The nsswitch.conf file is responsible for switching the authentication order in Linux and we need to setup to accpet LDAP authentication. Tp edit the file: 

sudo vi /etc/nsswitch.conf

Then we need change compat with files ldap. Use the following command in vi command mode 

%s/compat/files ldap/g

Now your changes will reflect as follows in /etc/nsswitch.conf 

...
passwd:         files ldap
group:          files ldap
shadow:         files ldap
...

The order files ldap will look /etc/passwd file first and then look LDAP for authentication.

Modifying /etc/pam_ldap.conf file

We now replace above file with our version of this file. To backup the original file : 

cd /etc
sudo mv pam_ldap.conf pam_ldap.conf.orig

The open a new file and copy and paste the follwing contents the new file. 

sudo vi /etc/pam_ldap.conf

Copy and paste the following code segment. 

host    10.0.0.1

suffix          "dc=fossedu,dc=com"

uri ldap://10.0.0.1
pam_password exop

ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
nss_base_passwd ou=People,dc=fossedu,dc=org
nss_base_shadow ou=People,dc=fossedu,dc=org
nss_base_group  ou=Groups,dc=fossedu,dc=org

scope one

Replace "dc=fossedu,dc=com" with your own distinguished name of the search base. For example dc=yourdoman,dc=com

Configuring PAM

The PAM configuration is split in 4 files: common-account, common-auth, common-password and common-session. Let us keep our original files back up in case we need a recovery again to our original setup. To backup original files: 

cd /etc/pam.d
for name in `ls common-*` ; do sudo mv "$name" "$name".orig ; done
mv 

== Setting common-account ==
{{{ 
sudo vi etc/pam.d/common-account

Copy and paste the following code segment. 

account sufficient      pam_ldap.so
account required        pam_unix.so

Setting common-auth

sudo vi etc/pam.d/common-auth

Copy and paste the following code segment 

auth    sufficient      pam_ldap.so
auth    required        pam_unix.so nullok_secure use_first_pass

Setting common-password

sudo vi etc/pam.d/common-password

Copy and paste the following code segment. 

password        sufficient      pam_ldap.so
password        required        pam_unix.so nullok obscure min=4 max=8 md5

Setting common-session

sudo vi etc/pam.d/common-session

Copy and paste the following code segment. 

session sufficient      pam_ldap.so
session required        pam_unix.so

Testing the Setup

Let's test our setup now. To test LDAP connectivity: 

getent passwd fmaster

Your output should be something like this: 

fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash

Automatically Mounting User's Home Directory

We need to mount user's home directory when they login to a system and we try to manage our users as roaming users. Install following packages in all of your client system to enable this.

Setup your server for NFS Exports

In the Ubuntu server to which your have install Fedora-ds we need to export users home diretories via NFS

To install NFS server 

sudo apt-get install kernel-nfs-server

To export the file system, setup /etc/exports. 

sudo vi /etc/exports

Add the following code segment into the file. 

== Insta 
sudo apt-get install autofs nfs-common


Con the auto.home


so that it will mount home directory form the host 10.0.0.1 acording to example scenario. Change your setup appropruatly. 
# This is for mounting user homes over NFS # Format = key [-mount-options-separated-by-comma] location 
*       -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 im:/ahome/& 
Howto created by: ChinthakaDeshapriya. 
 CategoryDocumentation 
 






        
 
            

FedoraDirectoryServerClientHowto  (last edited 2008-08-06 16:37:36 by localhost)