TCLUG Archive
Re: [TCLUG:21610] Is there an easy way to configure LDAP?
On Mon, 25 Sep 2000, Forrest Dickinson wrote:
> I am trying to configure an OpenLDAP server to handle authentication for
> my company's network. I have read the Howto's and the man pages and still
> cannot seem to get it to work, although I have been able to get it to
> work as an address book. Is there a GUI LDAP administrator similar to
> the Novell NDS administrator out there? I am trying to convert some
> of my company's servers from NT 4.0 to Linux so I would really like to
> get this working (I do not want to have to manage 6 separate sets of
> user accounts on 6 different servers). I have the pam LDAP modules
> installed as well.
>
> Also if OpenLDAP is not "there yet" in functionality would NIS be a
> better and easier to set up and administer alternative? Unfortunately I
> do not know much about NIS either.
>
> I am currently running Redhat 6.1, Mandrake 7.1, and Caldera 2.4. I
> have not decided which distribution I like the best, but I am assuming
> LDAP or NIS setup would be about the same with any distribution.
LDAP auth is pretty simple..
install nss_ldap package (RH7.0 has RPM's; I built my own), configure
/etc/nsswitch.conf to use LDAP, and configure /etc/pam.d/* to use LDAP
(examples in /usr/doc/nss_ldap*/pam.d).
Example LDIF (from http://www.padl.com/ldap_examples.html):
dn: cn=Luke Howard,ou=people,dc=padl,dc=com
cn: Luke Howard
objectclass: top
objectclass: person
objectclass: account
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: posixAccount
mail: lukeh@padl.com
roomnumber:
homephone:
givenname: Luke
sn: Howard
uid: lukeh
userpassword: {crypt}*
loginshell: /bin/csh
uidnumber: 416
gidnumber: 10
homedirectory: /home/lukeh
..it all works, I've used it.
--
Nate Carlson <natecars@real-time.com> | Phone : (952)943-8700
http://www.real-time.com | Fax : (952)943-8500
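
The script below is an added example, not part of the message above or of the PADL examples it cites. It lints an LDIF entry against the posixAccount MUST attributes from RFC 2307 before the entry is trusted for logins through nss_ldap. The function names and finding strings are made up for illustration, the sample is an abbreviated copy of the entry quoted above, and folded (continuation) lines are not handled.

```python
import base64

# posixAccount MUST attributes (RFC 2307), lowercased for comparison.
REQUIRED = ("cn", "uid", "uidnumber", "gidnumber", "homedirectory")

# Abbreviated copy of the entry quoted in the message, used as sample input.
SAMPLE = """\
dn: cn=Luke Howard,ou=people,dc=padl,dc=com
cn: Luke Howard
objectclass: posixAccount
roomnumber:
uid: lukeh
userpassword: {crypt}*
uidnumber: 416
gidnumber: 10
homedirectory: /home/lukeh
"""

def parse_entry(text):
    """Parse one unfolded LDIF entry into {lowercased attribute: [values]}."""
    entry = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        if value.startswith(":"):  # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry

def lint_account(entry):
    """Return findings to resolve before the entry is used for logins."""
    out = []
    if "posixaccount" not in [v.lower() for v in entry.get("objectclass", [])]:
        out.append("objectclass posixAccount missing")
    out += [f"{a}: required attribute missing" for a in REQUIRED if a not in entry]
    out += [f"{a}: empty value" for a, vals in entry.items() if "" in vals]
    for a in ("uidnumber", "gidnumber"):
        for v in entry.get(a, []):
            if not v.isdecimal() or int(v) == 0:  # id 0 is root's
                out.append(f"{a}: {v!r} is not a non-root numeric id")
    for v in entry.get("userpassword", []):
        if v and not v.startswith("{"):
            out.append("userpassword: stored without a {scheme} prefix (cleartext)")
        elif v.lower() == "{crypt}*":
            out.append("userpassword: {crypt}* matches no password")
    return out
```

Running `lint_account(parse_entry(SAMPLE))` reports the empty roomnumber line and the placeholder password, both of which come straight from the quoted entry.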