How to configure pam_ldap?

The goal is simple: use a single, centralized user database for server authentication.

PAM (Pluggable Authentication Modules) is dedicated to the authentication process on Linux machines. pam_ldap is a module that makes it possible to use an LDAP database to store users. With this module installed and configured on your servers, you will be able to connect to them with a single login and a single password stored in a single place (your LDAP database).

The first step is to install it:

sudo apt-get install libpam-ldap

FIXME: detail the answers to the questions

Natively, pam_ldap is not designed to handle Linux user and group information (uid, gid…), even though this data is stored in the LDAP database. The libnss-ldap program is needed for this task. It will start the nscd daemon, which will itself handle these extra information queries.

sudo apt-get install libnss-ldap

FIXME: detail the answers to the questions

Note: most of the libnss-ldap parameters are the same as the pam_ldap ones.
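
Because the two packages share most parameters, their files can drift apart: NSS may then resolve accounts from a different server or base than the one PAM authenticated against, or one side may lack the other's TLS settings. The script below is an added example, not part of the original page; the function names, the chosen key list and the example.org sample files are assumptions, and the real configuration file paths (which vary by distribution) are passed as arguments.

```shell
#!/bin/sh
# Added example, not from the original page. Parameters both modules accept;
# this list is a chosen subset (assumption), extend it as needed.
LDAP_SHARED_KEYS="uri host base ldap_version binddn bindpw rootbinddn ssl tls_checkpeer tls_cacertfile"

# Print "key value" per setting: comments and blank lines skipped,
# key lower-cased, runs of whitespace collapsed.
ldapconf_pairs() {
    awk 'NF == 0 || $1 ~ /^#/ { next }
         { key = tolower($1); $1 = ""; sub(/^ +/, ""); print key, $0 }' "$1"
}

# Usage: ldapconf_drift PAM_CONF NSS_CONF
# Prints one line per shared key whose value differs between the two files.
ldapconf_drift() {
    {
        ldapconf_pairs "$1" | sed 's/^/pam /'
        ldapconf_pairs "$2" | sed 's/^/nss /'
    } | awk -v keys="$LDAP_SHARED_KEYS" '
        { src = $1; key = $2; $1 = $2 = ""; sub(/^ +/, ""); val[src, key] = $0 }
        END {
            n = split(keys, shared, " ")
            for (i = 1; i <= n; i++) {
                k = shared[i]
                p = ((("pam", k) in val) ? val["pam", k] : "(unset)") ""
                s = ((("nss", k) in val) ? val["nss", k] : "(unset)") ""
                if (p == s) continue
                if (k == "bindpw") { print k ": differs (values hidden)"; continue }
                printf "%s: pam_ldap=[%s] libnss-ldap=[%s]\n", k, p, s
            }
        }'
}

# Constructed sample files (example.org values are placeholders).
ldapconf_demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# pam_ldap side' 'uri ldaps://ldap.example.org' \
        'base dc=example,dc=org' 'ldap_version 3' 'tls_checkpeer yes' \
        'pam_password exop' > "$dir/pam_ldap.conf"
    printf '%s\n' 'URI   ldap://ldap.example.org' 'base dc=example,dc=org' \
        'ldap_version 3' 'nss_base_passwd ou=people,dc=example,dc=org' \
        > "$dir/libnss-ldap.conf"
    ldapconf_drift "$dir/pam_ldap.conf" "$dir/libnss-ldap.conf"
    rm -rf "$dir"
}

ldapconf_demo
```

On the sample files it reports the uri mismatch (ldaps:// on the PAM side, ldap:// on the NSS side) and the tls_checkpeer setting that only the PAM side has.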


