Back to Home Page ["BuildingALinuxDomain"]

This page decribes the steps on connecting a linux client to a ldap domain.

Debian based system

This is a Client install for a Debian based system, to communicate with an LDAP Server.

Lets start off by addressing a bug that effects installs.

(bug #51315)

There is a current bug with the Ldap configuration that looks for the group nvram to correct this problem create the group nvram on the client machine.

addgroup --system nvram

Next install the required packages

aptitude install libnss-ldap libpam-ldap nscd

Once the packages start being unpacked you will see these questions:


which is yourIP address / hostname of the LDAP server


enter your root account for ldap server with the dc=my,dc=domain

Next we need to modify a couple different files

Files(libnss-ldap.conf, libnss-ldap.conf, /etc/libnss-ldap.secret, /etc/pam_ldap.conf and /etc/pam_ldap.secret)

== Should already have been configured during install of the packages, if an error was made double check theses files ==

vi /etc/libnss-ldap.conf

ensure ldap name or IP address is correct


again ensure they are set to your specifications from above.

vi /etc/libnss-ldap.secret

(ensure password correct)--


vi /etc/pam_ldap.conf

vi /etc/pam_ldap.secret

(ensure password correct)--


Will need to be configured

pam configuration files need to be modfied a bit like:

vi /etc/pam.d/common-account }}}

vi /etc/pam.d/common-auth

vi /etc/pam.d/common-password

vi /etc/pam.d/common-session

Finally, let's edit nsswitch so the system will be able to switch from local system authentication to ldap authentication.

vim /etc/nsswitch.conf

With everything entered correctly you should have a working LDAP Client :)

Fedora Client

The Fedora or redhat client is slightly easier.

 /usr/bin/authconfig-tui

http://img175.imageshack.us/img175/8835/authap0.jpg

Check the boxes, then click next

http://img501.imageshack.us/img501/7460/auth2va1.jpg

Enter your server DNS name or IP address and your domain name. Click ok and your done.