Nss ldap

From CBLFS
Revision as of 16:01, 15 November 2008 by Jciccone (talk | contribs)
Jump to navigationJump to search
Download Source: http://www.padl.com/download/nss_ldap-264.tar.gz

Introduction to Nss ldap

The resolution of the entities defined in RFC 2307 is generally performed by a set of UNIX C library calls (such as getpwnam() to return the attributes of a user). The nss_ldap module provides the means for Solaris and Linux workstations to this information (such as users, hosts, and groups) from LDAP directories.

Project Homepage: http://www.padl.com/OSS/nss_ldap.html

Dependencies

Required

Optional

Non-Multilib

Compile the package: 

./configure --prefix=/usr --exec-prefix= \
    --sysconfdir=/etc --mandir=/usr/share/man \
    --enable-configurable-krb5-ccname-env \
    --enable-configurable-krb5-ccname-gssapi \
    --enable-configurable-krb5-keytab &&
make

Install the package: 

make install

Multilib

32Bit

todo

N32

todo

64Bit

todo

Configuring

When the package was installed the Makefile would have created a example ldap.conf in /etc. This configuration serves as more then a configuration for just nss_ldap. It also configures pam_ldap and Sudo among other packages.

Create a basic configuration for nss_ldap: 

cat >/etc/ldap.conf << "EOF"
# Begin /etc/ldap.conf

uri ldap://<fqdn of ldap server>/
base <BASE DN>

ldap_version 3

bind_policy soft
bind_timelimit 30
timelimit 30

# NSS Section

nss_base_passwd         ou=People,<BASE DN>
nss_base_group          ou=Groups,<BASE DN>
nss_base_shadow         ou=People,<BASE DN>

nss_base_hosts          ou=Hosts,<BASE DN>
nss_base_networks       ou=Networks,<BASE DN>

nss_base_protocols      ou=Protocals,<BASE DN>
nss_base_services       ou=Services,<BASE DN>
nss_base_rpc            ou=Rpc,<BASE DN>

nss_reconnect_tries     3

# End /etc/ldap.conf
EOF
Retrieved from "https://cblfs.clfs.org/index.php?title=Nss_ldap&oldid=16053"