FedoraDirectoryServerClientHowto

Revision 7 as of 2006-03-02 10:46:35


Introduction

This howto is based on my FedoraDirectoryServer howto. It explains how to connect Ubuntu clients to Fedora-ds installed on another Ubuntu server. I will stick to the following example scenario; change the settings to suit your own setup.

My test setup is like this:

attachment:fossedulan.jpg

Installing LDAP Client Packages

We need to install the necessary client packages and set them up initially. To install all packages:

  sudo apt-get install libpam-ldap libnss-ldap

During the installation it will ask a few questions. Don't worry about them; keep accepting the default settings, since we are going to modify them manually later.

Configuring nsswitch.conf file

The nsswitch.conf file is responsible for switching the authentication order in Linux, and we need to set it up to accept LDAP authentication. To edit the file:

sudo vi /etc/nsswitch.conf

Then we need to replace compat with files ldap. Use the following command in vi command mode:

:%s/compat/files ldap/g

Your changes will now appear as follows in /etc/nsswitch.conf:

...
passwd:         files ldap
group:          files ldap
shadow:         files ldap
...

With the order files ldap, the system looks in the /etc/passwd file first and then in LDAP for authentication.

Modifying /etc/pam_ldap.conf file

We now replace this file with our own version. To back up the original file:

cd /etc
sudo mv pam_ldap.conf pam_ldap.conf.orig

Then open a new file and copy and paste the following contents into it.

sudo vi /etc/pam_ldap.conf

Copy and paste the following code segment.

host    10.0.0.1

suffix          "dc=fossedu,dc=com"

uri ldap://10.0.0.1
pam_password exop

ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
nss_base_passwd ou=People,dc=fossedu,dc=com
nss_base_shadow ou=People,dc=fossedu,dc=com
nss_base_group  ou=Groups,dc=fossedu,dc=com

scope one

Replace "dc=fossedu,dc=com" with the distinguished name of your own search base, for example dc=yourdomain,dc=com. Use it in the suffix line and in the three nss_base_* lines.
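The following Python check is an added example, not part of the original howto. It audits the two files edited above for a database that lacks files ldap, an nss_base_* entry outside the search base, and an ldap:// URI used without StartTLS. The function names and sample text are constructed for illustration, and base and ssl start_tls are pam_ldap options that this howto does not set.

```python
# Constructed samples; the pam_ldap one is deliberately inconsistent.
SAMPLE_NSSWITCH = """\
passwd:         files ldap
group:          files ldap
shadow:         compat
"""
SAMPLE_PAM_LDAP = """\
suffix          "dc=fossedu,dc=com"
uri ldap://10.0.0.1
nss_base_passwd ou=People,dc=fossedu,dc=org
nss_base_group  ou=Groups,dc=fossedu,dc=com
"""

def parse_directives(text):
    """Return (key, value) pairs, skipping blank lines and # comments."""
    rows = (line.split(None, 1) for line in text.splitlines())
    return [(r[0].lower(), r[1].strip().strip('"'))
            for r in rows if len(r) == 2 and not r[0].startswith("#")]

def audit_nsswitch(text):
    """Flag passwd/group/shadow entries that lack ldap or put it before files."""
    sources = {k.rstrip(":"): v.split() for k, v in parse_directives(text)}
    findings = []
    for db in ("passwd", "group", "shadow"):
        srcs = sources.get(db, [])
        if "ldap" not in srcs:
            findings.append(f"{db}: ldap is not a source")
        elif "files" not in srcs or srcs.index("files") > srcs.index("ldap"):
            findings.append(f"{db}: files should come before ldap")
    return findings

def audit_pam_ldap(text):
    """Flag nss_base_* DNs outside suffix/base, and ldap:// without StartTLS."""
    conf = parse_directives(text)
    opts = dict(conf)
    base = (opts.get("suffix") or opts.get("base") or "").replace(" ", "").lower()
    findings = []
    for key, value in conf:
        if key.startswith("nss_base_"):
            dn = value.split("?", 1)[0].replace(" ", "").lower()  # drop ?scope?filter
            if not base or not (dn == base or dn.endswith("," + base)):
                findings.append(f"{key}: {dn} is outside base {base or '(unset)'}")
    uris = opts.get("uri", "").split()
    if any(u.startswith("ldap://") for u in uris) and opts.get("ssl") != "start_tls":
        findings.append("uri: ldap:// without 'ssl start_tls' is unencrypted")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_nsswitch(SAMPLE_NSSWITCH) + audit_pam_ldap(SAMPLE_PAM_LDAP)))
```

To check a real client, pass the contents of /etc/nsswitch.conf and /etc/pam_ldap.conf to the two functions instead of the samples.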

Howto created by: ChinthakaDeshapriya.

