特殊:Badtitle/NS100:FedoraDirectoryServerClientHowto:修订间差异
小 新页面: {{From|https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto}} {{Languages|UbuntuHelp:FedoraDirectoryServerClientHowto}} == Introduction == This howto is based on my Fedor... |
小无编辑摘要 |
||
第1行: | 第1行: | ||
{{From|https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto}} | {{From|https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto}} | ||
{{Languages|UbuntuHelp:FedoraDirectoryServerClientHowto}} | {{Languages|UbuntuHelp:FedoraDirectoryServerClientHowto}} | ||
== Introduction == | == Introduction == | ||
This howto is based on my FedoraDirectoryServer howto and I am going to tell you here how you are going to connect Ubuntu clients with Fedora-ds installed in another Ubuntu server. I will stick to the the following example scenario. Change your setting appropriately. This howto can be used your own LDAP server as well. | This howto is based on my FedoraDirectoryServer howto and I am going to tell you here how you are going to connect Ubuntu clients with Fedora-ds installed in another Ubuntu server. I will stick to the the following example scenario. Change your setting appropriately. This howto can be used your own LDAP server as well. | ||
My test setup is like this: | My test setup is like this: | ||
https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto?action=AttachFile&do=get&target=FosseduAutoHome.jpg | https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto?action=AttachFile&do=get&target=FosseduAutoHome.jpg | ||
== Installing LDAP Client Packages == | == Installing LDAP Client Packages == | ||
We need to install necessary client packages and setup them initially. To install all packages: | We need to install necessary client packages and setup them initially. To install all packages: | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo apt-get install libpam-ldap libnss-ldap | sudo apt-get install libpam-ldap libnss-ldap | ||
</nowiki></pre> | </nowiki></pre> | ||
During the installation it will ask few questions and don't worry about them but keep accepting the default settings since we are going to modify them manually later. | During the installation it will ask few questions and don't worry about them but keep accepting the default settings since we are going to modify them manually later. | ||
== Configuring Configuring nsswitch.conf file == | == Configuring Configuring nsswitch.conf file == | ||
The nsswitch.conf file is responsible for switching the authentication order in Linux and we need to setup to accept LDAP authentication. To edit the file: | The nsswitch.conf file is responsible for switching the authentication order in Linux and we need to setup to accept LDAP authentication. To edit the file: | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/nsswitch.conf | sudo vi /etc/nsswitch.conf | ||
</nowiki></pre> | </nowiki></pre> | ||
Then we need change <code><nowiki>compat</nowiki></code> with <code><nowiki>files ldap</nowiki></code>. Use the following command in vi command mode | Then we need change <code><nowiki>compat</nowiki></code> with <code><nowiki>files ldap</nowiki></code>. Use the following command in vi command mode | ||
<pre><nowiki> | <pre><nowiki> | ||
%s/compat/files ldap/g | %s/compat/files ldap/g | ||
</nowiki></pre> | </nowiki></pre> | ||
Now your changes will reflect as follows in /etc/nsswitch.conf | Now your changes will reflect as follows in /etc/nsswitch.conf | ||
<pre><nowiki> | <pre><nowiki> | ||
第42行: | 第28行: | ||
... | ... | ||
</nowiki></pre> | </nowiki></pre> | ||
The order <code><nowiki>files ldap</nowiki></code> will look <code><nowiki>/etc/passwd</nowiki></code> file first and then look LDAP for authentication. | The order <code><nowiki>files ldap</nowiki></code> will look <code><nowiki>/etc/passwd</nowiki></code> file first and then look LDAP for authentication. | ||
== Modifying /etc/pam_ldap.conf file == | == Modifying /etc/pam_ldap.conf file == | ||
We now replace above file with our version of this file. To backup the original file : | We now replace above file with our version of this file. To backup the original file : | ||
<pre><nowiki> | <pre><nowiki> | ||
cd /etc | cd /etc | ||
sudo mv pam_ldap.conf pam_ldap.conf.orig | sudo mv pam_ldap.conf pam_ldap.conf.orig | ||
</nowiki></pre> | </nowiki></pre> | ||
The open a new file and copy and paste the following contents the new file. | The open a new file and copy and paste the following contents the new file. | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/pam_ldap.conf | sudo vi /etc/pam_ldap.conf | ||
</nowiki></pre> | </nowiki></pre> | ||
Copy and paste the following code segment. | Copy and paste the following code segment. | ||
<pre><nowiki> | <pre><nowiki> | ||
host 10.0.0.1 | host 10.0.0.1 | ||
suffix "dc=fossedu,dc=org" | suffix "dc=fossedu,dc=org" | ||
uri ldap://10.0.0.1 | uri ldap://10.0.0.1 | ||
pam_password exop | pam_password exop | ||
ldap_version 3 | ldap_version 3 | ||
pam_filter objectclass=posixAccount | pam_filter objectclass=posixAccount | ||
第76行: | 第52行: | ||
nss_base_shadow ou=People,dc=fossedu,dc=org | nss_base_shadow ou=People,dc=fossedu,dc=org | ||
nss_base_group ou=Groups,dc=fossedu,dc=org | nss_base_group ou=Groups,dc=fossedu,dc=org | ||
scope one | scope one | ||
</nowiki></pre> | </nowiki></pre> | ||
Replace <code><nowiki>"dc=fossedu,dc=com"</nowiki></code> with your own distinguished name of the search base. For example <code><nowiki>dc=yourdoman,dc=com</nowiki></code> | Replace <code><nowiki>"dc=fossedu,dc=com"</nowiki></code> with your own distinguished name of the search base. For example <code><nowiki>dc=yourdoman,dc=com</nowiki></code> | ||
== Configuring PAM == | == Configuring PAM == | ||
The PAM configuration is split in 4 files: common-account, common-auth, common-password and common-session. Let us keep our original files back up in case we need a recovery again to our original setup. To backup original files: | The PAM configuration is split in 4 files: common-account, common-auth, common-password and common-session. Let us keep our original files back up in case we need a recovery again to our original setup. To backup original files: | ||
<pre><nowiki> | <pre><nowiki> | ||
cd /etc/pam.d | cd /etc/pam.d | ||
第91行: | 第62行: | ||
mv | mv | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Setting common-account === | === Setting common-account === | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/pam.d/common-account | sudo vi /etc/pam.d/common-account | ||
</nowiki></pre> | </nowiki></pre> | ||
Copy and paste the following code segment. | Copy and paste the following code segment. | ||
<pre><nowiki> | <pre><nowiki> | ||
account sufficient pam_ldap.so | account sufficient pam_ldap.so | ||
account required pam_unix.so | account required pam_unix.so | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Setting common-auth === | === Setting common-auth === | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/pam.d/common-auth | sudo vi /etc/pam.d/common-auth | ||
</nowiki></pre> | </nowiki></pre> | ||
Copy and paste the following code segment | Copy and paste the following code segment | ||
<pre><nowiki> | <pre><nowiki> | ||
auth sufficient pam_ldap.so | auth sufficient pam_ldap.so | ||
auth required pam_unix.so nullok_secure use_first_pass | auth required pam_unix.so nullok_secure use_first_pass | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Setting common-password === | === Setting common-password === | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/pam.d/common-password | sudo vi /etc/pam.d/common-password | ||
</nowiki></pre> | </nowiki></pre> | ||
Copy and paste the following code segment. | Copy and paste the following code segment. | ||
<pre><nowiki> | <pre><nowiki> | ||
password sufficient pam_ldap.so | password sufficient pam_ldap.so | ||
password required pam_unix.so nullok obscure min=4 max=8 md5 | password required pam_unix.so nullok obscure min=4 max=8 md5 | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Setting common-session === | === Setting common-session === | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/pam.d/common-session | sudo vi /etc/pam.d/common-session | ||
</nowiki></pre> | </nowiki></pre> | ||
Copy and paste the following code segment. | Copy and paste the following code segment. | ||
<pre><nowiki> | <pre><nowiki> | ||
session sufficient pam_ldap.so | session sufficient pam_ldap.so | ||
session required pam_unix.so | session required pam_unix.so | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Testing the Setup === | === Testing the Setup === | ||
Let's test our setup now. To test LDAP connectivity: | Let's test our setup now. To test LDAP connectivity: | ||
<pre><nowiki> | <pre><nowiki> | ||
getent passwd fmaster | getent passwd fmaster | ||
</nowiki></pre> | </nowiki></pre> | ||
Your output should be something like this: | Your output should be something like this: | ||
<pre><nowiki> | <pre><nowiki> | ||
fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash | fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash | ||
</nowiki></pre> | </nowiki></pre> | ||
== Automatically Mounting User's Home Directory == | == Automatically Mounting User's Home Directory == | ||
We need to mount user's home directory when they login to a system and we try to manage our users as roaming users. Install following packages in all of your client system to enable this. | We need to mount user's home directory when they login to a system and we try to manage our users as roaming users. Install following packages in all of your client system to enable this. | ||
=== Setup your server for NFS Exports === | === Setup your server for NFS Exports === | ||
In the Ubuntu server to which your have install Fedora-ds we need to export users home directories via NFS | In the Ubuntu server to which your have install Fedora-ds we need to export users home directories via NFS | ||
'''To install NFS server''' | '''To install NFS server''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo apt-get install nfs-kernel-server | sudo apt-get install nfs-kernel-server | ||
</nowiki></pre> | </nowiki></pre> | ||
To export the file system, setup <code><nowiki>/etc/exports</nowiki></code>. | To export the file system, setup <code><nowiki>/etc/exports</nowiki></code>. | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/exports | sudo vi /etc/exports | ||
</nowiki></pre> | </nowiki></pre> | ||
Add the following code segment into the file. | Add the following code segment into the file. | ||
<pre><nowiki> | <pre><nowiki> | ||
/ahome 10.0.0.0/24(rw,sync,root_squash) | /ahome 10.0.0.0/24(rw,sync,root_squash) | ||
</nowiki></pre> | </nowiki></pre> | ||
'''Export the file system''' | '''Export the file system''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo exportfs -arv | sudo exportfs -arv | ||
</nowiki></pre> | </nowiki></pre> | ||
Your output should look like: | Your output should look like: | ||
<pre><nowiki> | <pre><nowiki> | ||
exporting 10.0.0.0/24:/ahome | exporting 10.0.0.0/24:/ahome | ||
</nowiki></pre> | </nowiki></pre> | ||
'''To veryfiy nfs exports''' | '''To veryfiy nfs exports''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo exportfs -v | sudo exportfs -v | ||
</nowiki></pre> | </nowiki></pre> | ||
Output: | Output: | ||
<pre><nowiki> | <pre><nowiki> | ||
/home 10.0.0.0/24(rw,wdelay,root_squash) | /home 10.0.0.0/24(rw,wdelay,root_squash) | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Setting up clients for NFS and autofs === | === Setting up clients for NFS and autofs === | ||
'''To install nfs clients and autofs''' | '''To install nfs clients and autofs''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo apt-get install autofs nfs-common | sudo apt-get install autofs nfs-common | ||
</nowiki></pre> | </nowiki></pre> | ||
=== Setting autofs === | === Setting autofs === | ||
'''Create auto.ahome file.''' | '''Create auto.ahome file.''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/auto.ahome | sudo vi /etc/auto.ahome | ||
</nowiki></pre> | </nowiki></pre> | ||
Add the following code segment to this file. | Add the following code segment to this file. | ||
<pre><nowiki> | <pre><nowiki> | ||
* -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 10.0.0.1:/ahome/& | * -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 10.0.0.1:/ahome/& | ||
</nowiki></pre> | </nowiki></pre> | ||
'''Create a mount point for auto homes''' | '''Create a mount point for auto homes''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo mkdir /ahome | sudo mkdir /ahome | ||
</nowiki></pre> | </nowiki></pre> | ||
'''Add auto.home file to /etc/auto.master''' | '''Add auto.home file to /etc/auto.master''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo vi /etc/auto.master | sudo vi /etc/auto.master | ||
</nowiki></pre> | </nowiki></pre> | ||
Add the the following code segment to the above file | Add the the following code segment to the above file | ||
<pre><nowiki> | <pre><nowiki> | ||
/ahome /etc/auto.ahome --timeout=120 | /ahome /etc/auto.ahome --timeout=120 | ||
</nowiki></pre> | </nowiki></pre> | ||
'''Restart autofs''' | '''Restart autofs''' | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo /etc/init.d/autofs restart | sudo /etc/init.d/autofs restart | ||
</nowiki></pre> | </nowiki></pre> | ||
To test your setup login as <code><nowiki>fmaster</nowiki></code> | To test your setup login as <code><nowiki>fmaster</nowiki></code> | ||
If you can login, Cheers !!! | If you can login, Cheers !!! | ||
Howto created by: ChinthakaDeshapriya. | Howto created by: ChinthakaDeshapriya. | ||
---- | ---- |
2007年11月30日 (五) 17:12的版本
文章出处: |
{{#if: | {{{2}}} | https://help.ubuntu.com/community/FedoraDirectoryServerClientHowto }} |
点击翻译: |
English {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/af | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Afrikaans| [[::FedoraDirectoryServerClientHowto/af|Afrikaans]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ar | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|العربية| [[::FedoraDirectoryServerClientHowto/ar|العربية]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/az | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|azərbaycanca| [[::FedoraDirectoryServerClientHowto/az|azərbaycanca]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/bcc | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|جهلسری بلوچی| [[::FedoraDirectoryServerClientHowto/bcc|جهلسری بلوچی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/bg | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|български| [[::FedoraDirectoryServerClientHowto/bg|български]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/br | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|brezhoneg| [[::FedoraDirectoryServerClientHowto/br|brezhoneg]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ca | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|català| [[::FedoraDirectoryServerClientHowto/ca|català]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/cs | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|čeština| [[::FedoraDirectoryServerClientHowto/cs|čeština]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/de | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Deutsch| [[::FedoraDirectoryServerClientHowto/de|Deutsch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/el | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Ελληνικά| [[::FedoraDirectoryServerClientHowto/el|Ελληνικά]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/es | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|español| [[::FedoraDirectoryServerClientHowto/es|español]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/fa | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|فارسی| [[::FedoraDirectoryServerClientHowto/fa|فارسی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/fi | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|suomi| [[::FedoraDirectoryServerClientHowto/fi|suomi]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/fr | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|français| [[::FedoraDirectoryServerClientHowto/fr|français]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/gu | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|ગુજરાતી| [[::FedoraDirectoryServerClientHowto/gu|ગુજરાતી]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/he | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|עברית| [[::FedoraDirectoryServerClientHowto/he|עברית]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/hu | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|magyar| [[::FedoraDirectoryServerClientHowto/hu|magyar]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/id | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Bahasa Indonesia| [[::FedoraDirectoryServerClientHowto/id|Bahasa Indonesia]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/it | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|italiano| [[::FedoraDirectoryServerClientHowto/it|italiano]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ja | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|日本語| [[::FedoraDirectoryServerClientHowto/ja|日本語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ko | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|한국어| [[::FedoraDirectoryServerClientHowto/ko|한국어]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ksh | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Ripoarisch| [[::FedoraDirectoryServerClientHowto/ksh|Ripoarisch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/mr | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|मराठी| [[::FedoraDirectoryServerClientHowto/mr|मराठी]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ms | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Bahasa Melayu| [[::FedoraDirectoryServerClientHowto/ms|Bahasa Melayu]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/nl | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Nederlands| [[::FedoraDirectoryServerClientHowto/nl|Nederlands]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/no | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|norsk| [[::FedoraDirectoryServerClientHowto/no|norsk]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/oc | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|occitan| [[::FedoraDirectoryServerClientHowto/oc|occitan]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/pl | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|polski| [[::FedoraDirectoryServerClientHowto/pl|polski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/pt | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|português| [[::FedoraDirectoryServerClientHowto/pt|português]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ro | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|română| [[::FedoraDirectoryServerClientHowto/ro|română]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/ru | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|русский| [[::FedoraDirectoryServerClientHowto/ru|русский]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/si | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|සිංහල| [[::FedoraDirectoryServerClientHowto/si|සිංහල]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/sq | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|shqip| [[::FedoraDirectoryServerClientHowto/sq|shqip]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/sr | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|српски / srpski| [[::FedoraDirectoryServerClientHowto/sr|српски / srpski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/sv | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|svenska| [[::FedoraDirectoryServerClientHowto/sv|svenska]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/th | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|ไทย| [[::FedoraDirectoryServerClientHowto/th|ไทย]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/tr | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Türkçe| [[::FedoraDirectoryServerClientHowto/tr|Türkçe]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/vi | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|Tiếng Việt| [[::FedoraDirectoryServerClientHowto/vi|Tiếng Việt]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/yue | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|粵語| [[::FedoraDirectoryServerClientHowto/yue|粵語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/zh | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|中文| [[::FedoraDirectoryServerClientHowto/zh|中文]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/zh-hans | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|中文(简体)| [[::FedoraDirectoryServerClientHowto/zh-hans|中文(简体)]]}}|}} {{#ifexist: {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto | UbuntuHelp:FedoraDirectoryServerClientHowto | {{#if: | :}}FedoraDirectoryServerClientHowto}}/zh-hant | • {{#if: UbuntuHelp:FedoraDirectoryServerClientHowto|中文(繁體)| [[::FedoraDirectoryServerClientHowto/zh-hant|中文(繁體)]]}}|}} |
{{#ifeq:UbuntuHelp:FedoraDirectoryServerClientHowto|:FedoraDirectoryServerClientHowto|请不要直接编辑翻译本页,本页将定期与来源同步。}} |
{{#ifexist: :FedoraDirectoryServerClientHowto/zh | | {{#ifexist: FedoraDirectoryServerClientHowto/zh | | {{#ifeq: {{#titleparts:FedoraDirectoryServerClientHowto|1|-1|}} | zh | | }} }} }} {{#ifeq: {{#titleparts:FedoraDirectoryServerClientHowto|1|-1|}} | zh | | }}
Introduction
This howto is based on my FedoraDirectoryServer howto and I am going to tell you here how you are going to connect Ubuntu clients with Fedora-ds installed in another Ubuntu server. I will stick to the the following example scenario. Change your setting appropriately. This howto can be used your own LDAP server as well. My test setup is like this:
Installing LDAP Client Packages
We need to install necessary client packages and setup them initially. To install all packages:
sudo apt-get install libpam-ldap libnss-ldap
During the installation it will ask few questions and don't worry about them but keep accepting the default settings since we are going to modify them manually later.
Configuring Configuring nsswitch.conf file
The nsswitch.conf file is responsible for switching the authentication order in Linux and we need to setup to accept LDAP authentication. To edit the file:
sudo vi /etc/nsswitch.conf
Then we need change compat
with files ldap
. Use the following command in vi command mode
%s/compat/files ldap/g
Now your changes will reflect as follows in /etc/nsswitch.conf
... passwd: files ldap group: files ldap shadow: files ldap ...
The order files ldap
will look /etc/passwd
file first and then look LDAP for authentication.
Modifying /etc/pam_ldap.conf file
We now replace above file with our version of this file. To backup the original file :
cd /etc sudo mv pam_ldap.conf pam_ldap.conf.orig
The open a new file and copy and paste the following contents the new file.
sudo vi /etc/pam_ldap.conf
Copy and paste the following code segment.
host 10.0.0.1 suffix "dc=fossedu,dc=org" uri ldap://10.0.0.1 pam_password exop ldap_version 3 pam_filter objectclass=posixAccount pam_login_attribute uid pam_member_attribute memberuid nss_base_passwd ou=People,dc=fossedu,dc=org nss_base_shadow ou=People,dc=fossedu,dc=org nss_base_group ou=Groups,dc=fossedu,dc=org scope one
Replace "dc=fossedu,dc=com"
with your own distinguished name of the search base. For example dc=yourdoman,dc=com
Configuring PAM
The PAM configuration is split in 4 files: common-account, common-auth, common-password and common-session. Let us keep our original files back up in case we need a recovery again to our original setup. To backup original files:
cd /etc/pam.d for name in `ls common-*` ; do sudo mv "$name" "$name".orig ; done mv
Setting common-account
sudo vi /etc/pam.d/common-account
Copy and paste the following code segment.
account sufficient pam_ldap.so account required pam_unix.so
Setting common-auth
sudo vi /etc/pam.d/common-auth
Copy and paste the following code segment
auth sufficient pam_ldap.so auth required pam_unix.so nullok_secure use_first_pass
Setting common-password
sudo vi /etc/pam.d/common-password
Copy and paste the following code segment.
password sufficient pam_ldap.so password required pam_unix.so nullok obscure min=4 max=8 md5
Setting common-session
sudo vi /etc/pam.d/common-session
Copy and paste the following code segment.
session sufficient pam_ldap.so session required pam_unix.so
Testing the Setup
Let's test our setup now. To test LDAP connectivity:
getent passwd fmaster
Your output should be something like this:
fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash
Automatically Mounting User's Home Directory
We need to mount user's home directory when they login to a system and we try to manage our users as roaming users. Install following packages in all of your client system to enable this.
Setup your server for NFS Exports
In the Ubuntu server to which your have install Fedora-ds we need to export users home directories via NFS To install NFS server
sudo apt-get install nfs-kernel-server
To export the file system, setup /etc/exports
.
sudo vi /etc/exports
Add the following code segment into the file.
/ahome 10.0.0.0/24(rw,sync,root_squash)
Export the file system
sudo exportfs -arv
Your output should look like:
exporting 10.0.0.0/24:/ahome
To veryfiy nfs exports
sudo exportfs -v
Output:
/home 10.0.0.0/24(rw,wdelay,root_squash)
Setting up clients for NFS and autofs
To install nfs clients and autofs
sudo apt-get install autofs nfs-common
Setting autofs
Create auto.ahome file.
sudo vi /etc/auto.ahome
Add the following code segment to this file.
* -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 10.0.0.1:/ahome/&
Create a mount point for auto homes
sudo mkdir /ahome
Add auto.home file to /etc/auto.master
sudo vi /etc/auto.master
Add the the following code segment to the above file
/ahome /etc/auto.ahome --timeout=120
Restart autofs
sudo /etc/init.d/autofs restart
To test your setup login as fmaster
If you can login, Cheers !!!
Howto created by: ChinthakaDeshapriya.