======LDAP Clinet Installation and Configuration.======
=====Preparation of virtual machine.=====
* Log onto the virtual machine, created for use as a LDAP client, as root using the password set at VM creation.
~$ ssh root@vm31.student.lab
Warning: Permanently added 'vm31.student.lab,10.80.3.31' (RSA) to the list of known hosts.
root@vm31.student.lab's password:Li0p13ur0d0n
* Use pico to edit the '/etc/hosts' file and change the beginning of the file matchs the following:
127.0.0.1 localhost
10.80.3.31 vm31.student.lab vm31
10.80.3.36 vm36.student.lab vm36
#The following lines are desireable for IPv6 capable hosts
* Install the ssh nmap packages using the command 'apt-get install ssh nmap'
* Press and when prompted.
*Confirm the LDAP server is available on the network using the command 'nmap -p 389 vm36.student.lab'
* Port state and service should read as "389/tcp open ldap"
=====OpenLDAP Client Install.=====
* Install the client packages needed using the command 'apt-get install libnss-ldap libpam-ldap nscd'
* When prompted enter 'ldap://vm36.student.lab' and press .
* When prompted change the default entry to 'dc=student,dc=lab' and press .
* When prompted select "3" using the arrow keys and press .
* When prompted change the default entry to 'cn=manager,dc=student,dc=lab' and press .
* When prompted for a password press .
* DO NOT ENTER A PASSWORD AT THIS POINT!
* When prompted press .
* When prompted select "" using the arrow keys and press .
* When prompted select "" using the arrow keys and press .
* Install the LDAP utilities package using the command 'apt-get install ldap-utils' and press .
* Reconfigure the //debconf// of //libnns-ldap// using the command 'dpkg-reconfigure libnss-ldap' and press .
* When prompted, confirm the entry reads "ldap://vm36.student.lab" and press .
* When prompted, confirm the entry reads "dc=student,dc=lab" and press .
* When prompted use the arrows to select "3" and press .
* When prompted use the arrows to select "" and press .
* When prompted use the arrows to select "" and press .
* When prompted use the arrows to select "" and press .
* Press to select "".
====ldap.conf====
* Use pico to edit the //"/etc/ldap/ldap.conf"// file using the command 'pico /etc/ldap/ldap.conf' and change the BASE and URI lines to match the following:
BASE dc=student,dc=lab
URI ldap://vm36.student.lab ldap://vm36.student.lab:665
* Save and exit usint the + command.
====nsswitch.conf====
* Stop the nscd daemon using the command '/etc/init.d/nscd stop'
* Use pico to edit the nsswitch.conf file by typing the command 'pico /etc/nsswitch.conf' and pressing .
* Change the passwd, group, shadow, and hosts entries to match the following:
passwd: ldap files
group: ldap files
shadow: ldap files
hosts: files dns
* Save and exit using the + command.
* Use the command '/etc/init.d/nscd restart' and then the key to restart the Name Service Cache Daemon.
====PAM Configuration====
* Use pico to edit the common-session file using the command 'pico /etc/pam.d/common-session'
* Add the following line to the end of the file:
session required pam_mkhomedir.so
* Save and exit using the + command.
====Verify Installation====
* Confirm installation using the following command:
~# id genUsr
* The response should look like:
uid=20000(genUsr) gid=20000 groups=20000
=====References:=====
[[http://www.rjsystems.nl/en/2100-d6-openldap-client.php|TechNotes - OpenLDAP client on Debian Squeeze]]
[[http://www.rjsystems.nl/en/2100-pam-debian.php|PAM configuration guide for Debian]]
[[http://www.faqs.org/rfcs/rfc3377.html|RFC 3377 - LDAP]]
[[http://www.faqs.org/rfcs/rfc2251.html|RFC 2251 - LDAP]]