LDAP Client on Ubuntu
You will need to set up a number of applications on the client.

    # apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db

This series of articles will help you understand the benefits of LDAP as well as the implementation of LDAP.

Once the applications are installed you will need to supply a few answers.
Set up the server IP for the LDAP server.
Enter your domain information.
Be sure to correctly list your LDAP version; by default Ubuntu will install version 3.
Allow PAM to behave as it would when changing local passwords.
Allow the LDAP database to be accessible without a password.
Create your administrator account.
Set up your LDAP admin password.
You will need to configure several local files for LDAP to work with password information.

Edit /etc/nsswitch.conf
Change the file so that "files ldap" replaces "compat".

    #passwd: compat
    passwd: files ldap
    #group: compat
    group: files ldap

If this is working correctly, the command

    getent passwd

should produce output similar to /etc/passwd:

    ---cut---
    mike:x:1000:1000:mike,,,:/home/mike:/bin/bash
    snort:x:112:124:Snort IDS:/var/log/snort:/bin/false
    postfix:x:113:125::/var/spool/postfix:/bin/false

Edit /etc/pam.d/common-account
You will need to edit the file so you have these two lines.

    account sufficient pam_ldap.so
    account required pam_unix.so

Edit /etc/pam.d/common-auth

    auth sufficient pam_ldap.so
    auth required pam_unix.so nullok_secure use_first_pass

Edit /etc/pam.d/common-password

    password sufficient pam_ldap.so
    password required pam_unix.so nullok obscure min=4 max=8 md5

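A quick audit of the files edited above, as an added example that is not part of the original article: it checks that "files" precedes "ldap" in /etc/nsswitch.conf and that each PAM file lists pam_ldap.so as sufficient before pam_unix.so as required. The function names and the constructed sample tree are assumptions of this example.

```shell
# Added example, not from the article. All function names are this example's own.

# nss_ok FILE DB: the uncommented DB line must list "files" and then "ldap".
nss_ok() {
    awk -v db="$2:" '
        $1 == db { for (i = 2; i <= NF; i++) {
                       if ($i == "files") f = i
                       if ($i == "ldap")  l = i } }
        END { exit !(f && l && f < l) }' "$1"
}

# pam_ok FILE TYPE: "TYPE sufficient pam_ldap.so" must come before
# "TYPE required pam_unix.so", so LDAP is tried first and local
# accounts are still checked when LDAP does not accept the user.
pam_ok() {
    awk -v t="$2" '
        $1 == t && $2 == "sufficient" && $3 == "pam_ldap.so" && !l { l = NR }
        $1 == t && $2 == "required"   && $3 == "pam_unix.so" && !u { u = NR }
        END { exit !(l && u && l < u) }' "$1"
}

# check_ldap_client [ROOT]: one line per check; returns the failure count.
check_ldap_client() {
    root="${1:-}"; fails=0
    for db in passwd group; do
        if nss_ok "$root/etc/nsswitch.conf" "$db"; then echo "ok   nsswitch $db"
        else echo "FAIL nsswitch $db"; fails=$((fails + 1)); fi
    done
    for t in account auth password; do
        if pam_ok "$root/etc/pam.d/common-$t" "$t"; then echo "ok   common-$t"
        else echo "FAIL common-$t"; fails=$((fails + 1)); fi
    done
    return "$fails"
}

# make_sample DIR: constructed sample of this article's lines (options omitted).
make_sample() {
    mkdir -p "$1/etc/pam.d"
    printf '%s\n' '#passwd: compat' 'passwd: files ldap' \
        '#group: compat' 'group: files ldap' > "$1/etc/nsswitch.conf"
    for t in account auth password; do
        printf '%s\n' "$t sufficient pam_ldap.so" "$t required pam_unix.so" \
            > "$1/etc/pam.d/common-$t"
    done
}

# Demo on the constructed tree; call check_ldap_client with no argument for /.
demo=$(mktemp -d) && make_sample "$demo" && check_ldap_client "$demo"; rm -rf "$demo"
```
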
Copyright CyberMontana Inc. and BeginLinux.com All rights reserved. Cannot be reproduced without written permission. Box 1262 Trout Creek, MT 59874