LDAP clients

Pacotes necessários (Ubuntu 14.04 LTS)

ldap-auth-client nscd

Configurar Name Service Switch (NSS) para usar LDAP

$ sudo auth-client-config -t nss -p lac_ldap

Atualizar Pluggable Authentication Module (PAM) para usar LDAP

$ sudo pam-auth-update

O comando acima abre uma interface gráfica curses onde se devem selecionar as seguintes opções: Unix authentication, LDAP Authentication, Register user sessions in the systemd control group hierarchy, Inheritable Capabilities Management (Ubuntu 14.04 LTS).

Configuração LDAP no ficheiro /etc/ldap.conf

base dc=di,dc=fct,dc=unl,dc=pt
uri ldap://headnode
ldap_version 3

timelimit 30
bind_timelimit 30
idle_timelimit 3600

pam_filter objectclass=posixAccount
pam_member_attribute memberuid
pam_password clear

nss_base_passwd ou=Users,dc=di,dc=fct,dc=unl,dc=pt
nss_base_passwd ou=Computers,dc=di,dc=fct,dc=unl,dc=pt
nss_base_shadow ou=Users,dc=di,dc=fct,dc=unl,dc=pt
nss_base_group ou=Groups,dc=di,dc=fct,dc=unl,dc=pt
nss_map_attribute uniqueMember member