Linux LDAP Network Centralize authentication
 

Hi,

I have more than 150 Linux desktop computer in my office IT setup.

I want to configure LDAP centralize network authentication for all the desktop computer.

My requirement is below mentioned.

The LDAP server will only authenticate the desktop computer at the log-in time when the user start computer.

The home directory of all the user should be create in their desktop local computer not in the LDAP server.

And flexibility of user log-in for every desktop.
(any user can log-in any computer with his/her username and password)and the home directory will create automatically in the local desktop computer automatically the moment any user will log-in to any computer in the network and the LDAP server will authenticate for desktop-network log-in in to the computer.

Request you to kindly help me for this type of configuration for my LDAP centralize network authentication.

What you want is a totally normal usage of ldap, nothing "interesting" at all. Just configure ldap in pam to point to those servers and also nss_ldap for obtaining the home directories and the likes. Enable pam_mkhomedir in pam to create home directories as required. Not that it doesn't make sense to store the home dirs in the "ldap server", consider the ldap server to be a server process and data files - NOT the machine itself.

If you have no ldap server at all yet, then openldap will do this job just fine with a fairly default installation. Just remember to do ONE THING at a time, and be sure of that stage before moving on to the next. For example, make sure "getent passwd" works on a client before expecting a full on login to work.