LDAP (Lightweight Directory Access Protocol) lets you keep information such as user accounts and authentication credentials in one central directory. Once an OpenLDAP server is set up, LDAP users can log in to any client machine that has been configured to authenticate against it; for example, they can SSH to a configured client using their LDAP credentials. Use the following instructions to configure a CentOS Linux client machine.
1. Install all of the necessary packages with the following command:
yum -y install openldap openldap-clients nss-pam-ldapd pam_ldap nscd autofs rpcbind nfs-utils
2. Configure the system authentication resources (NSS and PAM) so they know where to find the LDAP server when a user logs in. Run the following command, replacing ldap.example.com with the hostname of your LDAP server and dc=example,dc=com with the base DN of your directory. Note that the command as written uses plain ldap:// on port 389, which sends bind passwords across the network in clear text; on any network you do not fully trust, add --enableldaptls (STARTTLS, with the server's CA certificate installed under /etc/openldap/cacerts) or use an ldaps:// URI instead:
authconfig --enableldap --enableldapauth --ldapserver=ldap://ldap.example.com:389/ --ldapbasedn="dc=example,dc=com" \
--enablecache --disablefingerprint --kickstart
3. Configure nsswitch.conf so that automount map lookups also consult LDAP. Open /etc/nsswitch.conf in a text editor.
Find the automount line and change it to the following:
automount: files ldap
If the line does not exist, add it to the file as it appears above.
4. Edit the autofs configuration so that automount reads its maps from LDAP. Locate the autofs configuration file and open it in a text editor.
The file should include the following section. Replace example.com with your domain and
dc=example,dc=com with the base DN of your directory:
5. Restart nscd and autofs, and enable autofs to start at boot. Use the following commands:
service nscd restart
service autofs restart
chkconfig autofs on
6. Your client machine is now configured to authenticate against the OpenLDAP server. Before relying on it, confirm that an account that exists only in LDAP resolves on the client and that it can log in over SSH.
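The whole procedure above, collected into one idempotent script, as an added example that is not part of the original page. It differs from the steps above in two ways a practitioner would want: it refuses to configure a plaintext ldap:// URI unless STARTTLS is enabled (and enables it, trusting only the CA certificate you supply), and it finishes by checking that an LDAP-only user actually resolves through nslcd and that a TLS-protected search succeeds. The server name ldap.example.com, the base DN dc=example,dc=com, the CA file path, the CentOS 6 service and authconfig commands, and the assumption that the directory permits anonymous reads (which nslcd also relies on here) are all assumptions; adjust them for your site.

```shell
#!/bin/sh
# Added example (not from the original page): CentOS 6 LDAP client setup as
# idempotent shell functions, with STARTTLS enforced and a post-install check.
# Assumptions: server ldap.example.com, base DN dc=example,dc=com, a PEM CA
# certificate at $LDAP_CA_CERT, and a directory that allows anonymous reads.
set -eu

LDAP_URI="${LDAP_URI:-ldap://ldap.example.com:389/}"   # assumption
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=example,dc=com}"      # assumption
LDAP_CA_CERT="${LDAP_CA_CERT:-/root/ldap-ca.crt}"      # assumption: PEM CA cert
NSSWITCH="${NSSWITCH:-/etc/nsswitch.conf}"
CACERT_DIR=/etc/openldap/cacerts   # tls_cacertdir that authconfig configures on CentOS 6

# Accept ldaps:// always, and ldap:// only when STARTTLS ($2 = yes) will be on.
ldap_uri_acceptable() {
    case "$1" in
        ldaps://*) return 0 ;;
        ldap://*)  if [ "$2" = yes ]; then return 0; else return 1; fi ;;
        *)         return 1 ;;
    esac
}

# Set "automount: files ldap" in an nsswitch.conf-style file, replacing an
# existing automount line or appending one. Running it twice changes nothing.
set_automount_line() {
    if grep -q '^automount:' "$1"; then
        sed 's/^automount:.*/automount: files ldap/' "$1" > "$1.tmp"
        mv "$1.tmp" "$1"
    else
        printf 'automount: files ldap\n' >> "$1"
    fi
}

# Print the sources configured for automount lookups, e.g. "files ldap".
automount_sources() {
    sed -n 's/^automount:[[:space:]]*//p' "$1"
}

configure_client() {
    ldap_uri_acceptable "$LDAP_URI" yes || { echo "refusing URI $LDAP_URI" >&2; return 1; }
    yum -y install openldap openldap-clients nss-pam-ldapd pam_ldap nscd autofs rpcbind nfs-utils
    # Trust only our CA for the server certificate. cacertdir_rehash (from the
    # authconfig package) creates the hash symlinks OpenLDAP expects in a cacertdir.
    mkdir -p "$CACERT_DIR"
    cp "$LDAP_CA_CERT" "$CACERT_DIR/"
    cacertdir_rehash "$CACERT_DIR"
    authconfig --enableldap --enableldapauth \
        --ldapserver="$LDAP_URI" --ldapbasedn="$LDAP_BASE_DN" \
        --enableldaptls --enablecache --disablefingerprint --kickstart
    set_automount_line "$NSSWITCH"
    service nslcd restart
    service nscd restart
    service autofs restart
    chkconfig nslcd on
    chkconfig autofs on
}

# Confirm the directory really answers: an LDAP-only user must resolve through
# nslcd, and a search that insists on TLS must succeed with the installed CA.
verify_client() {
    getent passwd "$1" > /dev/null || { echo "user $1 not resolved via LDAP" >&2; return 1; }
    case "$LDAP_URI" in
        ldap://*) tls_opt=-ZZ ;;   # -ZZ: require STARTTLS to succeed
        *)        tls_opt= ;;      # ldaps:// is already TLS; -ZZ would fail
    esac
    ldapsearch -x $tls_opt -H "$LDAP_URI" -b "$LDAP_BASE_DN" "(uid=$1)" dn > /dev/null
    id "$1"
}

# Only act when invoked explicitly, e.g.: sh ldap-client.sh --apply jdoe
if [ "${1:-}" = "--apply" ]; then
    configure_client
    verify_client "${2:?LDAP user name required}"
fi
```

Run it as root with `--apply` and the name of a user that exists only in the directory; if `getent passwd` returns nothing, nslcd is not answering (check `service nslcd status` and /etc/nslcd.conf), and if `ldapsearch -ZZ` fails while `getent` works, the CA in /etc/openldap/cacerts does not match the server certificate.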