Back to Home Page ["BuildingALinuxDomain"]

Debian based system

This is a Client install for a Debian based system, to communicate with an LDAP Server.

Lets start off by addressing a bug that effects installs.

(bug #51315)

There is a current bug with the Ldap configuration that looks for the group nvram to correct this problem create the group nvram on the client machine.

                  addgroup --system nvram

Next install the required packages

                  aptitude install libnss-ldap libpam-ldap nscd

Once the packages start being unpacked you will see these questions:


which is yourIP address / hostname of the LDAP server


enter your root account for ldap server with the dc=my,dc=domain

Next we need to modify a couple different files

Files(libnss-ldap.conf, libnss-ldap.conf, /etc/libnss-ldap.secret, /etc/pam_ldap.conf and /etc/pam_ldap.secret)

== Should already have been configured during install of the packages, if an error was made double check theses files ==

#vi /etc/libnss-ldap.conf

ensure ldap name or IP address is correct


again ensure they are set to your specifications from above.

#vi /etc/libnss-ldap.secret

(ensure password correct)--


#vi /etc/pam_ldap.conf

#vi /etc/pam_ldap.secret

(ensure password correct)--


Will need to be configured

pam configuration files need to be modfied a bit like:

#vi /etc/pam.d/common-account }}}

#vi /etc/pam.d/common-auth

#vi /etc/pam.d/common-password

#vi /etc/pam.d/common-session

Finally, let's edit nsswitch so the system will be able to switch from local system authentication to ldap authentication.

# vim /etc/nsswitch.conf

With everything entered correctly you should have a working LDAP Client :)

Fedora Client

The Fedora or redhat client is slightly easier.

                  /usr/bin/authconfig-tui

<img src="http://img175.imageshack.us/img175/8835/authap0.jpg">