OpenLDAP client setup
Now that you have a great server setup, you need a way to interact with it by installing and configuring the OpenLDAP client. Setting up this client is essential for enabling centralized authentication and resource access across your network.
Integrating your Ubuntu system with the LDAP directory server establishes a unified authentication mechanism, enhancing security and simplifying user management.
To install and configure the OpenLDAP client, follow these steps:
Step -1 : Configuring hostname & FQDN
sudo sh -c 'echo "19.168.146.134 ldapserver.rookie.com" >> /etc/hosts'
Now ping the server to check that the hostname resolves correctly:
ping ldapserver.rookie.com
Step -2 : Installing required packages
$> sudo apt update && sudo apt install libnss-ldap libpam-ldap ldap-utils nscd -y
The pinkish configuration screen appears again, but this time we have to set up the connection between the client and the server.
Now we have successfully configured the LDAP package. Lastly, we have to make a slight change to the configuration file:
$> sudo nano /etc/ldap.conf

We just have to comment out the "uri ldapi" line, uncomment the "uri ldap://" line, change the IP address in it, then save the file and exit.
Step -4 : Configuring OpenLDAP client
$> sudo nano /etc/nsswitch.conf

compat – Refers to local files like /etc/passwd.
ldap – Specifies the use of LDAP.
passwd: compat systemd ldap
group: compat systemd ldap
shadow: compat

Now save and exit the configuration file, then edit the following file:
$> sudo nano /etc/pam.d/common-password
Remove the use_authtok option, as highlighted below, save the changes, and close the file.


Additionally, open the /etc/pam.d/common-session file, add the following line and save and close the file.
$> sudo nano /etc/pam.d/common-session

session optional pam_mkhomedir.so skel=/etc/skel umask=077
Lastly, run the command below to restart the Name Service Cache Daemon (nscd) and apply the configuration changes.
sudo systemctl restart nscd
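To confirm that the edits from the steps above actually took effect, the following added example (not part of the original guide) audits the four files it touches. The function names and the optional root-prefix argument are hypothetical helpers introduced here so the checks can also run against a copy of /etc.

```shell
#!/bin/sh
# Added example: audit the files edited in this guide.
# $1 of audit_ldap_client is a hypothetical prefix (empty = the live system).

# Print a file without comment lines and blank lines.
active_lines() {
    grep -Ev '^[[:space:]]*(#|$)' "$1"
}

# Succeed if NSS database $2 (e.g. passwd) lists "ldap" as a source in file $1.
nss_uses_ldap() {
    active_lines "$1" | awk -v db="$2:" \
        '$1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") ok = 1 } END { exit !ok }'
}

# Run every check, print one line per finding, return the number of failures.
audit_ldap_client() {
    root="${1:-}"; fails=0
    conf="$root/etc/ldap.conf"; nss="$root/etc/nsswitch.conf"
    pass="$root/etc/pam.d/common-password"; sess="$root/etc/pam.d/common-session"

    # /etc/ldap.conf: "uri ldapi" commented out, "uri ldap://" active.
    uris=$(active_lines "$conf" | awk '$1 == "uri" { $1 = ""; print }')
    case "$uris" in
        *ldapi:*) echo "FAIL $conf: uri ldapi still active"; fails=$((fails + 1)) ;;
    esac
    case "$uris" in
        *ldap://*) ;;
        *) echo "FAIL $conf: no active uri ldap://"; fails=$((fails + 1)) ;;
    esac

    # /etc/nsswitch.conf: passwd and group must consult LDAP.
    for db in passwd group; do
        nss_uses_ldap "$nss" "$db" ||
            { echo "FAIL $nss: $db does not list ldap"; fails=$((fails + 1)); }
    done

    # PAM: use_authtok removed; pam_mkhomedir creates private (umask=077) homes.
    active_lines "$pass" | grep -q 'use_authtok' &&
        { echo "FAIL $pass: use_authtok still present"; fails=$((fails + 1)); }
    active_lines "$sess" | grep -E 'pam_mkhomedir\.so' | grep -q 'umask=077' ||
        { echo "FAIL $sess: pam_mkhomedir.so umask=077 missing"; fails=$((fails + 1)); }

    return "$fails"
}

# Usage on the client itself:  audit_ldap_client && echo "LDAP client config OK"
```

A commented-out line never counts as configured, so a `pam_mkhomedir.so` entry that is still prefixed with `#` is reported as missing.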