Back to Home Page ["BuildingALinuxDomain"]

Debian based system

This is a Client install for a Debian based system, to communicate with an LDAP Server.

Lets start off by addressing a bug that effects installs.

(bug #51315)

There is a current bug with the Ldap configuration that looks for the group nvram to correct this problem create the group nvram on the client machine.

                  addgroup --system nvram

Next install the required packages

                  aptitude install libnss-ldap libpam-ldap nscd

Once the packages start being unpacked you will see these questions:

which is yourIP address / hostname of the LDAP server

enter your root account for ldap server with the dc=my,dc=domain

Next we need to modify a couple different files

Files(libnss-ldap.conf, libnss-ldap.conf, /etc/libnss-ldap.secret, /etc/pam_ldap.conf and /etc/pam_ldap.secret)

== Should already have been configured during install of the packages, if an error was made double check theses files ==

#vi /etc/libnss-ldap.conf

ensure ldap name or IP address is correct

again ensure they are set to your specifications from above.

#vi /etc/libnss-ldap.secret

(ensure password correct)--

#vi /etc/pam_ldap.conf

#vi /etc/pam_ldap.secret

(ensure password correct)--

Will need to be configured

pam configuration files need to be modfied a bit like:

#vi /etc/pam.d/common-account }}}

#vi /etc/pam.d/common-auth

#vi /etc/pam.d/common-password

#vi /etc/pam.d/common-session

Finally, let's edit nsswitch so the system will be able to switch from local system authentication to ldap authentication.

# vim /etc/nsswitch.conf

With everything entered correctly you should have a working LDAP Client :)

Fedora Client

The Fedora or redhat client is slightly easier.


Check the boxes, then click next