FedoraDirectoryServerClientHowto

Differences between revisions 14 and 29 (spanning 15 versions)
Revision 14 as of 2006-03-02 12:19:34
Size: 5346
Editor: 54
Comment:
Revision 29 as of 2008-08-06 16:37:36
Size: 76
Editor: localhost
Comment: converted to 1.6 markup

= Introduction =

This howto is based on my FedoraDirectoryServer howto. Here I am going to tell you how to connect Ubuntu clients to Fedora-ds installed on another Ubuntu server. I will stick to the following example scenario; change your settings appropriately. This howto can be used with your own LDAP server as well.

My test setup is like this:

attachment:fossedulan.jpg

= Installing LDAP Client Packages =

We need to install the necessary client packages and set them up initially. To install all packages:

{{{
  sudo apt-get install libpam-ldap libnss-ldap
}}}

During the installation it will ask a few questions. Don't worry about them; keep accepting the default settings, since we are going to modify them manually later.

= Configuring the nsswitch.conf file =

The nsswitch.conf file is responsible for switching the authentication order in Linux, and we need to set it up to accept LDAP authentication. To edit the file:

{{{
sudo vi /etc/nsswitch.conf
}}}

Then we need to replace {{{compat}}} with {{{files ldap}}}. Use the following command in vi command mode:
{{{
%s/compat/files ldap/g
}}}

Your changes will now appear as follows in /etc/nsswitch.conf:
{{{
...
passwd: files ldap
group: files ldap
shadow: files ldap
...
}}}

With the order {{{files ldap}}}, the system looks in the {{{/etc/passwd}}} file first and then in LDAP for authentication.

= Modifying /etc/pam_ldap.conf file =

We now replace this file with our own version. To back up the original file:

{{{
cd /etc
sudo mv pam_ldap.conf pam_ldap.conf.orig
}}}

Then open a new file and copy and paste the following contents into it.
{{{
sudo vi /etc/pam_ldap.conf
}}}

Copy and paste the following code segment.

{{{
host 10.0.0.1

suffix "dc=fossedu,dc=com"

uri ldap://10.0.0.1
pam_password exop

ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
nss_base_passwd ou=People,dc=fossedu,dc=org
nss_base_shadow ou=People,dc=fossedu,dc=org
nss_base_group ou=Groups,dc=fossedu,dc=org

scope one
}}}

Replace {{{"dc=fossedu,dc=com"}}} with the distinguished name of your own search base, for example {{{dc=yourdomain,dc=com}}}, and adjust the {{{nss_base_*}}} entries to the same base.
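The following lint is an added example, not part of the original howto. It reads a pam_ldap.conf on stdin and reports two things about the file above: a plain {{{ldap://}}} URI without {{{ssl start_tls}}}, and {{{nss_base_*}}} entries that do not sit under the search base. The finding labels are made up for this example, and the {{{suffix}}} line is assumed to be the search base.

```sh
#!/bin/sh
# Added example: lint a pam_ldap.conf read from stdin.
# Prints one finding per line, nothing when both checks pass.
check_ldap_conf() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
        { key = tolower($1); val = tolower($2); gsub(/"/, "", val) }
        key == "uri" { uri = val }
        key == "ssl" { ssl = val }
        key == "suffix" || key == "base" { base = val }   # assumption: suffix = search base
        key ~ /^nss_base_/ { sub(/[?].*/, "", val); nss[key] = val }
        END {
            # ldap:// without StartTLS: bind passwords cross the network unencrypted
            if (uri ~ /^ldap:\/\// && ssl != "start_tls")
                print "cleartext-bind " uri
            # an absolute nss_base_* DN should sit under the search base
            for (k in nss) {
                if (nss[k] ~ /,$/) continue          # relative DN: base is appended
                n = length(nss[k]); b = length(base)
                if (b == 0 || n < b || substr(nss[k], n - b + 1) != base)
                    print "base-mismatch " k " " nss[k]
            }
        }' | sort
}

# The configuration from this howto, reproduced as sample input.
page_conf() {
    cat <<'EOF'
host 10.0.0.1
suffix "dc=fossedu,dc=com"
uri ldap://10.0.0.1
pam_password exop
ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
nss_base_passwd ou=People,dc=fossedu,dc=org
nss_base_shadow ou=People,dc=fossedu,dc=org
nss_base_group ou=Groups,dc=fossedu,dc=org
scope one
EOF
}

page_conf | check_ldap_conf
```

On a client, run it as {{{check_ldap_conf < /etc/pam_ldap.conf}}}. The first finding clears once the server offers TLS and the file carries {{{ssl start_tls}}} together with {{{tls_checkpeer yes}}} and a CA certificate.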

= Configuring PAM =

The PAM configuration is split into 4 files: common-account, common-auth, common-password and common-session. Let us keep a backup of the original files in case we need to recover our original setup. To back up the original files:

{{{
cd /etc/pam.d
for name in common-* ; do sudo mv "$name" "$name".orig ; done
}}}

== Setting common-account ==
{{{
sudo vi /etc/pam.d/common-account
}}}
Copy and paste the following code segment.
{{{
account sufficient pam_ldap.so
account required pam_unix.so
}}}

== Setting common-auth ==
{{{
sudo vi /etc/pam.d/common-auth
}}}
Copy and paste the following code segment

{{{
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure use_first_pass
}}}

== Setting common-password ==
{{{
sudo vi /etc/pam.d/common-password
}}}
Copy and paste the following code segment.
{{{
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure min=4 max=8 md5
}}}

== Setting common-session ==
{{{
sudo vi /etc/pam.d/common-session
}}}
Copy and paste the following code segment.
{{{
session sufficient pam_ldap.so
session required pam_unix.so
}}}
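The four stacks above all use the same pattern, {{{sufficient pam_ldap.so}}} followed by {{{required pam_unix.so}}}. The following simplified model of PAM's stack walk is an added example, not part of the original howto; it shows which modules are consulted for a directory user and for a local user. Module results are supplied by hand because no real module runs, and only the {{{sufficient}}}, {{{required}}} and {{{requisite}}} controls are modelled.

```sh
#!/bin/sh
# Added example: simplified model of how PAM walks a stack.

# The four stacks, verbatim from this howto.
PAGE_STACK='account sufficient pam_ldap.so
account required pam_unix.so
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure use_first_pass
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure min=4 max=8 md5
session sufficient pam_ldap.so
session required pam_unix.so'

# pam_eval TYPE "module=ok|fail ..."  ->  prints "<verdict> <modules consulted>"
pam_eval() {
    want=$1; results=$2
    required_failed=0; required_ok=0; verdict=""; ran=""
    while read -r type control module _opts; do
        if [ "$type" != "$want" ]; then continue; fi
        outcome=fail                       # a module with no listed result fails
        for r in $results; do
            if [ "${r%%=*}" = "$module" ]; then outcome=${r#*=}; fi
        done
        ran="$ran $module"
        case "$control:$outcome" in
            sufficient:ok)                 # stop here unless a required module already failed
                if [ "$required_failed" -eq 0 ]; then verdict=success; break; fi ;;
            required:ok|requisite:ok) required_ok=1 ;;
            required:fail)  required_failed=1 ;;   # keep going, but the stack will fail
            requisite:fail) verdict=failure; break ;;
        esac                               # sufficient:fail is ignored
    done <<EOF
$PAGE_STACK
EOF
    if [ -z "$verdict" ]; then
        if [ "$required_failed" -eq 0 ] && [ "$required_ok" -eq 1 ]; then
            verdict=success
        else
            verdict=failure
        fi
    fi
    echo "$verdict$ran"
}

pam_eval auth "pam_ldap.so=ok"                    # directory user
pam_eval auth "pam_ldap.so=fail pam_unix.so=ok"   # local user, or LDAP unreachable
pam_eval auth "pam_ldap.so=fail pam_unix.so=fail" # wrong password everywhere
```

For a directory user the walk stops at pam_ldap.so, so the pam_unix.so options on these lines only ever apply to local accounts.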

== Testing the Setup ==

Let's test our setup now. To test LDAP connectivity:
{{{
getent passwd fmaster
}}}

Your output should be something like this:
{{{
fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash
}}}

= Automatically Mounting User's Home Directory =

We need to mount a user's home directory when they log in to a system, since we manage our users as roaming users. Install the following packages on all of your client systems to enable this.

== Setup your server for NFS Exports ==

On the Ubuntu server on which you have installed Fedora-ds, we need to export the users' home directories via NFS.

To install the NFS server:

{{{
sudo apt-get install nfs-kernel-server
}}}

To export the file system, setup {{{/etc/exports}}}.

{{{
sudo vi /etc/exports
}}}

Add the following code segment into the file.

{{{
/home 10.0.0.0/24(rw,sync,root_squash)
}}}

Export the file system:

{{{
sudo exportfs -arv
}}}

Your output should look like:
{{{
 exporting 10.0.0.0/24:/home
}}}

To verify the NFS exports:
{{{
sudo exportfs -v
}}}

Output:
{{{
/home 10.0.0.0/24(rw,wdelay,root_squash)
}}}


== Insta

{{{
sudo apt-get install autofs nfs-common
}}}

== Con the auto.home ==

so that it will mount the home directory from the host 10.0.0.1 according to the example scenario. Change your setup appropriately.



{{{
# This is for mounting user homes over NFS
# Format = key [-mount-options-separated-by-comma] location

* -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 im:/ahome/&
}}}



Howto created by: ChinthakaDeshapriya.

FedoraDirectoryServerClientHowto (last edited 2008-08-06 16:37:36 by localhost)