Professional Documents
Culture Documents
04 Lucid Lynx
This is essentially the same as my previous Hardy Heron LDAP howto but with some steps removed. Rather than edit the old article I thought I'd just reproduce it with the appropriate parts omitted. This howto is also relevant to Jaunty and Karmic. The LDAP Server howto can be found here. PLATFORMS TESTED: Ubuntu 10.04 LTS (Lucid), Ubuntu 11.04 LTS (Natty) PREREQUISITES: * A vanilla Ubuntu 10.04 (or later) desktop or server install. * You have shared your user home directories from an NFS server * You have successfully installed a working LDAP server Network overview; * domain name: tuxnetworks.com * Servername/IP: ldap.tuxnetworks.com 10.1.1.5 * The user "brettg" is a valid LDAP user on your server. We are going to set up a Lucid client connected to an LDAP server. We should aready have our home directories mounted via NFS.
LDAP server Uniform Resource Identifier: ldap://ldap.tuxnetworks.com Distinguished name of the search base: dc=tuxnetworks,dc=com ldap://ldap.tuxnetworks.com 3 Make local root Database admin: Yes Does the LDAP database require login? No LDAP account for root: cn=admin,dc=tuxnetworks,dc=com LDAP root password: (The server LDAP root password)
Now we need to edit the following files;
~$ sudo vi /etc/ldap.conf
and edit these lines to look like this;
uri ldap://ldap.tuxnetworks.com/
Edit this file;
~$ sudo vi /etc/ldap/ldap.conf
Edit it to look like this;
BASE URI
Edit nsswitch.conf
~$ sudo vi /etc/nsswitch.conf
Enter the following lines;
files ldap files ldap files ldap files dns files db db db db files files files files
~$ ldapsearch -x
That command should output a tonne of stuff from the server LDAP directory.
getent passwd
You should now be able to login to the client via ssh using the user "brettg"s credentials
brettg@jupiter:~$ ssh brettg@galileo Welcome to Ubuntu 11.04 (GNU/Linux 2.6.38-8-generic x86_64) * Documentation: https://help.ubuntu.com/
vi /etc/security/group.conf gdm;*;*;Al0000-9000;floppy,audio,cdrom,video,plugdev,scanner
We also need to tell pam to use the group.conf settings;
vi /etc/pam.d/gdm
Add this line;