LDAP Client Installation and Configuration.
Preparation of virtual machine.
- Log on to the virtual machine created for use as an LDAP client as root, using the password set at VM creation.
~$ ssh root@vm31.student.lab
Warning: Permanently added 'vm31.student.lab,10.80.3.31' (RSA) to the list of known hosts.
root@vm31.student.lab's password:Li0p13ur0d0n
- Use pico to edit the '/etc/hosts' file and change the beginning of the file so that it matches the following:
127.0.0.1 localhost
10.80.3.31 vm31.student.lab vm31
10.80.3.36 vm36.student.lab vm36
#The following lines are desireable for IPv6 capable hosts
- Install the ssh and nmap packages using the command 'apt-get install ssh nmap'
- Press <Y> and <Enter> when prompted.
- Confirm the LDAP server is available on the network using the command 'nmap -p 389 vm36.student.lab'
- Port state and service should read as “389/tcp open ldap”
OpenLDAP Client Install.
- Install the client packages needed using the command 'apt-get install libnss-ldap libpam-ldap nscd'
- When prompted enter 'ldap://vm36.student.lab' and press <Enter>.
- When prompted change the default entry to 'dc=student,dc=lab' and press <Enter>.
- When prompted select “3” using the arrow keys and press <Enter>.
- When prompted change the default entry to 'cn=manager,dc=student,dc=lab' and press <Enter>.
- When prompted for a password press <Enter>.
- DO NOT ENTER A PASSWORD AT THIS POINT!
- When prompted press <Enter>.
- When prompted select “<No>” using the arrow keys and press <Enter>.
- When prompted select “<No>” using the arrow keys and press <Enter>.
- Install the LDAP utilities package using the command 'apt-get install ldap-utils' and press <Enter>.
- Reconfigure the debconf of libnss-ldap using the command 'dpkg-reconfigure libnss-ldap' and press <Enter>.
- When prompted, confirm the entry reads “ldap://vm36.student.lab” and press <Enter>.
- When prompted, confirm the entry reads “dc=student,dc=lab” and press <Enter>.
- When prompted use the arrows to select “3” and press <Enter>.
- When prompted use the arrows to select “<No>” and press <Enter>.
- When prompted use the arrows to select “<No>” and press <Enter>.
- When prompted use the arrows to select “<No>” and press <Enter>.
- Press <Enter> to select “<Ok>”.
ldap.conf
- Use pico to edit the “/etc/ldap/ldap.conf” file using the command 'pico /etc/ldap/ldap.conf' and change the BASE and URI lines to match the following:
BASE dc=student,dc=lab
URI ldap://vm36.student.lab ldap://vm36.student.lab:665
- Save and exit using the <Ctrl>+<X> command.
nsswitch.conf
- Stop the nscd daemon using the command '/etc/init.d/nscd stop'
- Use pico to edit the nsswitch.conf file by typing the command 'pico /etc/nsswitch.conf' and pressing <Enter>.
- Change the passwd, group, shadow, and hosts entries to match the following:
passwd: ldap files
group: ldap files
shadow: ldap files
hosts: files dns
- Save and exit using the <Ctrl>+<X> command.
- Use the command '/etc/init.d/nscd restart' and then the <Enter> key to restart the Name Service Cache Daemon.
PAM Configuration
- Use pico to edit the common-session file using the command 'pico /etc/pam.d/common-session'
- Add the following line to the end of the file:
session required pam_mkhomedir.so
- Save and exit using the <Ctrl>+<X> command.
Verify Installation
- Confirm installation using the following command:
~# id genUsr
- The response should look like:
uid=20000(genUsr) gid=20000 groups=20000
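The script below is an added example, not part of the original guide: it audits the three files edited above (ldap.conf, nsswitch.conf and common-session) against the values this page specifies. The function names, the optional ROOT argument and the sample files written by make_fixture are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the files this guide edits against its values.
# An optional ROOT prefix (hypothetical parameter) lets the check run on a
# copy of /etc or on the constructed fixture below instead of the live host.

# conf_value FILE KEY -> print the value on KEY's uncommented line
conf_value() {
    awk -v key="$2" '$1 == key { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# nss_has_ldap FILE DB -> status 0 if DB's nsswitch.conf line lists "ldap"
nss_has_ldap() {
    awk -v db="$2:" '$1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") ok = 1 }
        END { exit !ok }' "$1"
}

# make_fixture DIR -> constructed sample files, as the guide leaves them
make_fixture() {
    mkdir -p "$1/etc/ldap" "$1/etc/pam.d"
    printf 'BASE dc=student,dc=lab\nURI ldap://vm36.student.lab ldap://vm36.student.lab:665\n' \
        > "$1/etc/ldap/ldap.conf"
    printf 'passwd: ldap files\ngroup: ldap files\nshadow: ldap files\nhosts: files dns\n' \
        > "$1/etc/nsswitch.conf"
    printf 'session required pam_mkhomedir.so\n' > "$1/etc/pam.d/common-session"
}

check_ldap_client() {
    root="${1:-}"; rc=0
    ldapconf="$root/etc/ldap/ldap.conf"
    nss="$root/etc/nsswitch.conf"
    pam="$root/etc/pam.d/common-session"
    [ "$(conf_value "$ldapconf" BASE)" = "dc=student,dc=lab" ] ||
        { echo "FAIL: BASE in $ldapconf"; rc=1; }
    case " $(conf_value "$ldapconf" URI) " in
        *" ldap://vm36.student.lab "*) ;;
        *) echo "FAIL: URI in $ldapconf"; rc=1 ;;
    esac
    for db in passwd group shadow; do
        nss_has_ldap "$nss" "$db" || { echo "FAIL: $db lacks ldap in $nss"; rc=1; }
    done
    # the guide keeps hosts on "files dns", so ldap must not appear there
    nss_has_ldap "$nss" hosts && { echo "FAIL: hosts lists ldap in $nss"; rc=1; }
    grep -Eq '^[[:space:]]*session[[:space:]]+required[[:space:]]+pam_mkhomedir\.so' "$pam" ||
        { echo "FAIL: pam_mkhomedir.so missing from $pam"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: client configuration matches the guide"
    return "$rc"
}
```

Run `check_ldap_client` with no argument on the client itself. It only inspects the files, so 'id genUsr' remains the end-to-end test.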
user/bewanyk/portfolio/ldap-client-install.txt · Last modified: 2011/04/04 15:02 by bewanyk