LDAP Client
Step:-1 Install required packages
# apt-get install sysv-rc-conf libnss-ldap libpam-ldap nscd autofs-ldap ldap-utils
Step:-2 Edit /etc/ldap.conf
# Edit /etc/ldap.conf or dpkg-reconfigure ldap-auth-config
# Search base used by libnss-ldap and pam_ldap for every lookup.
base dc=example,dc=local
# NOTE(review): ldap:// is unencrypted, so bind passwords and directory answers
# cross the network in clear text and the server's identity is never verified.
# Prefer ldaps://, or "ssl start_tls", together with "tls_checkpeer yes" and a
# "tls_cacertfile" that names the CA which signed the server certificate.
uri ldap://192.168.1.112 (Ldap Server)
ldap_version 3
# NOTE(review): "md5" appears to make the client hash new passwords itself with
# MD5 crypt before writing them to the directory - confirm against the pam_ldap
# documentation for your release. "pam_password exop" sends the change through
# the LDAP password-modify extended operation instead, so the server applies
# its own hashing scheme and password policy.
pam_password md5
nss_base_group ou=groups,dc=example,dc=local
# Local system accounts whose group memberships are never looked up in LDAP.
# root is in the list, so root logins do not depend on the directory being reachable.
nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,dnsmasq,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,proxy,pulse,root,rtkit,saned,speech-dispatcher,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data
Step:-3 Edit /etc/default/autofs
base dc=example,dc=local
uri ldap://192.168.1.112 (Ldap Server)
ldap_version 3
pam_password md5
nss_base_group ou=groups,dc=example,dc=local
nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,dnsmasq,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,proxy,pulse,root,rtkit,saned,speech-dispatcher,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data
Step:-3 Edit /etc/default/autofs
# Edit /etc/default/autofs
edit these lines
# NOTE(review): autofs reads its mount maps over this URI. With plain ldap://
# the map data is neither encrypted nor authenticated, so the client cannot
# tell whether the mount entries it receives are genuine. Switch to ldaps://
# once the directory server has a certificate the client trusts.
LDAP_URI="ldap://192.168.1.112"
# Subtree in which autofs searches for automount maps.
SEARCH_BASE="dc=example,dc=local"
uncomment these lines
MAP_OBJECT_CLASS="automountMap"
ENTRY_OBJECT_CLASS="automount"
MAP_ATTRIBUTE="ou"
ENTRY_ATTRIBUTE="cn"
VALUE_ATTRIBUTE="automountInformation"
Step:-4 Edit /etc/nsswitch.conf
edit these lines
LDAP_URI="ldap://192.168.1.112"
SEARCH_BASE="dc=example,dc=local"
uncomment these lines
MAP_OBJECT_CLASS="automountMap"
ENTRY_OBJECT_CLASS="automount"
MAP_ATTRIBUTE="ou"
ENTRY_ATTRIBUTE="cn"
VALUE_ATTRIBUTE="automountInformation"
Step:-4 Edit /etc/nsswitch.conf
# Edit /etc/nsswitch.conf
add these lines
# Sources are tried left to right: local files (compat/files) are consulted
# before LDAP, so a local account takes precedence over a directory entry
# with the same name.
passwd:compat ldap
group:compat ldap
shadow:compat ldap
automount: files ldap
Step:-5 Edit /etc/pam.d/common-password
# Edit /etc/pam.d/common-password
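remove 'use_authtok' from this line (use_authtok makes pam_ldap accept only a new password already collected by an earlier module in the stack; without it pam_ldap may prompt for the password itself, so check that the password-quality rules you rely on are still enforced, for example by the LDAP server's own password policy)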
password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass
Step:-6 Edit /etc/pam.d/common-session
password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass
Step:-6 Edit /etc/pam.d/common-session
#Edit /etc/pam.d/common-session
add at the end of the file (umask=077 creates each new home directory accessible only by its owner)
session optional pam_mkhomedir.so skel=/etc/skel umask=077
Step:-7 Edit /etc/auto.master
add at the last
session optional pam_mkhomedir.so skel=/etc/skel umask=077
Step:-7 Edit /etc/auto.master
# Edit /etc/auto.master
add this line
/phpusers /etc/auto.phpusers (for me its phpusers group)
Step:-8 create /etc/auto.phpusers
add this line
/phpusers /etc/auto.phpusers (for me its phpusers group)
Step:-8 create /etc/auto.phpusers
# Create /etc/auto.phpusers
add this line
# Wildcard map: any name looked up under /phpusers is mounted from the
# same-named directory on the server ("&" is replaced by the matched key).
# NOTE(review): no sec= option is given, so the mount presumably uses the
# default AUTH_SYS flavour, where the server trusts whatever UID/GID the client
# sends. If Kerberos is available, sec=krb5 (or krb5i / krb5p for integrity /
# privacy) ties access to authenticated users - confirm what the server exports.
* -fstype=nfs4 192.168.1.112:/phpusers/&
Step:-10 Edit /etc/idmapd.conf
#Edit /etc/idmapd.conf
should look like this
[General]
# 0 keeps idmapd logging minimal; raise it temporarily when debugging ID mapping.
Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# NFSv4 ID-mapping domain. It should be the same string on the NFS server and
# on every client; a mismatch typically shows files as owned by nobody/nogroup.
Domain = example.local
[Translation]
# NOTE(review): the idmapd.conf documentation lists LDAP_server / LDAP_base
# under [UMICH_SCHEMA], used with "Method = umich_ldap" in [Translation].
# Confirm these two keys are actually read from this section. If LDAP mapping
# is in use, LDAP_use_ssl and LDAP_ca_cert are the documented way to protect
# that connection - TODO confirm for your libnfsidmap version.
LDAP_server = 192.168.1.112
LDAP_base = dc=example,dc=local
[Mapping]
# Fallback identity used when a user or group name cannot be mapped.
Nobody-User = nobody
Nobody-Group = nogroup
Step:-11 Add in startup
should look like this
[General]
Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
Domain = example.local
[Translation]
LDAP_server = 192.168.1.112
LDAP_base = dc=example,dc=local
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
Step:-11 Add in startup
# sysv-rc-conf libnss-ldap on
# sudo visudo
# NOTE(review): this grants the account named "user" unrestricted root on this
# client. If that account is resolved from LDAP, anyone who can set its
# password or create that entry in the directory effectively holds root here.
# Limit the rule to the specific accounts (or a dedicated admin group) and
# commands that are really needed.
user ALL=(ALL:ALL) ALL
Step:-12 Reboot PC
# sudo visudo
user ALL=(ALL:ALL) ALL
Step:-12 Reboot PC