Here is my configuration:
1- /etc/ldap.conf
host 192.168.0.44
base dc=doremi,dc=com
uri ldap://192.168.0.44
ldap_version 3
binddn cn=toto,cn=Users,dc=doremi,dc=com
bindpw 12345678
scope sub
bind_policy soft
ssl no
nss_base_passwd cn=Users,dc=doremi,dc=com?sub
nss_base_shadow cn=Users,dc=doremi,dc=com?sub
nss_base_group cn=Users,dc=doremi,dc=com?sub
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute loginShell msSFU30loginShell
nss_map_attribute uniqueMember msSFU30PosixMember
nss_map_attribute cn sAMAccountName
pam_filter objectclass=user
pam_member_attribute msSFU30PosixMember
pam_groupdn cn=linuxGroup,cn=Users,dc=doremi,dc=com
pam_password ad
2- /etc/ldap/ldap.conf
BASE dc=doremi, dc=com
URI ldap://192.168.0.44
HOST 192.168.0.44
Now you can query the server to retrieve the database tree with the ldapsearch command, which needs the ldap-utils package.
ldapsearch -x -D "cn=Administrator,cn=Users,dc=somecompany,dc=com" -W -s sub -LLL "sAMAccountName=toto"
This command asks you to enter the server administrator password.
If you receive the server's database tree without any error, you can continue; otherwise you should recheck your configuration.
3- /etc/pam.d/common-account
account required pam_unix.so try_first_pass
account sufficient pam_ldap.so
account sufficient pam_deny.so
4- /etc/pam.d/common-auth
auth required pam_env.so
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure try_first_pass
5- /etc/pam.d/common-passwd
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure md5
6- /etc/pam.d/common-session
session sufficient pam_ldap.so
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
7- /usr/local/etc/openldap/ldap.conf
BASE dc=doremi, dc=com
URI ldap://192.168.0.44
8- /etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
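An added example, not part of the original post: a small Python check that reads a pam_ldap/nss_ldap style ldap.conf and reports the settings from file 1 above that expose credentials (ssl no with an ldap:// uri, and bindpw in a world-readable file). The function names, the sample text and the assumed file mode of 0644 are choices made for this example.

```python
import re

# Constructed sample: the transport and bind lines of the /etc/ldap.conf shown above.
SAMPLE = """\
uri ldap://192.168.0.44
binddn cn=toto,cn=Users,dc=doremi,dc=com
bindpw 12345678
ssl no
"""

def parse(text):
    """Return {keyword: [values]}; keywords are lower-cased, '#' lines are comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s+", line, maxsplit=1)
        conf.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return conf

def audit(text, file_mode=0o644):
    """Return a list of (directive, finding) pairs; file_mode is an assumed file mode."""
    conf = parse(text)
    last = lambda key, default="": (conf.get(key) or [default])[-1].strip().lower()
    uris = " ".join(conf.get("uri", [])).lower().split()
    # No TLS requested and no ldaps:// uri means simple binds travel in cleartext.
    cleartext = last("ssl", "no") == "no" and not any(u.startswith("ldaps://") for u in uris)
    findings = []
    if cleartext:
        findings.append(("ssl", "binds and lookups cross the network unencrypted; "
                                "set 'ssl start_tls' or use an ldaps:// uri"))
    elif last("tls_checkpeer") != "yes":
        findings.append(("tls_checkpeer", "server certificate check is left to the "
                                          "libldap default; set 'tls_checkpeer yes'"))
    if "bindpw" in conf and file_mode & 0o004:
        findings.append(("bindpw", "bind password is readable by every local user; "
                                   "bind with a low-privilege, lookup-only account"))
    return findings

if __name__ == "__main__":
    for directive, finding in audit(SAMPLE):
        print(f"{directive}: {finding}")
```

To check a real file, pass its contents and `os.stat(path).st_mode` to `audit()`.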