Clientes LDAP / NFS

Configuración de los clientes de la red para que se autentifiquen contra el servidor LDAP:

Instalar los paquetes libpam-ldap y libnss-ldap:
#apt-get install libpam-ldap libnss-ldap

No | 192.168.1.200 | dc=aula | cn=admin, dc=aula

Modificar el fichero /etc/nsswitch.conf:
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.


passwd: compat ldap
group: compat ldap
shadow: compat ldap

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis

Modificar los ficheros common-account, common-auth, common-password, common-session, login y gdm contenidos en el directorio /etc/pam.d/

# /etc/pam.d/common-account - authorization settings common to all services
account sufficient pam_ldap.so
account required pam_unix.so try_first_pass


# /etc/pam.d/common-auth - authentication settings common to all services
auth sufficient pam_ldap.so
auth required pam_unix.so nullok_secure use_first_pass

# /etc/pam.d/common-password - password-related modules common to all services
password sufficient pam_ldap.so
password required pam_unix.so nullok obscure min=4 max=8 md5# /etc/pam.d/common-session - session-related modules common to all services
session required pam_unix.so
session optional pam_ldap.so
session optional pam_foreground.so

# /etc/pam.d/common-session - session-related modules common to all services
session required pam_unix.so
session optional pam_ldap.so
session optional pam_foreground.so

# The PAM configuration file for the Shadow `login' service
auth requisite pam_securetty.so
auth requisite pam_nologin.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 envfile=/etc/default/locale
# Standard Un*x authentication.
@include common-auth
auth optional pam_group.so
session required pam_limits.so
session optional pam_lastlog.so
session optional pam_motd.so
session optional pam_mail.so standard
# Standard Un*x account and session
@include common-account
@include common-session
session required pam_limits.so
session optional pam_lastlog.so
session optional pam_motd.so
session optional pam_mail.so standard
@include common-password


#%PAM-1.0 'gdm'
auth requisite pam_nologin.so
auth required pam_env.so readenv=1
#auth required pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
#auth optional pam_gnome_keyring.so
@include common-account
session required pam_limits.so
@include common-session
#session optional pam_gnome_keyring.so auto_start
@include common-password

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s

A %d blogueros les gusta esto: