This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
linux:ad_backend [2009/10/31 03:23] hef |
linux:ad_backend [2021/05/02 21:36] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Ubuntu AD Backend ====== | ||
+ | |||
====== ldap to AD/nss ====== | ====== ldap to AD/nss ====== | ||
Line 5: | Line 7: | ||
sudo apt-get update | sudo apt-get update | ||
- | sudo apt-get install libnss-ldap | + | sudo apt-get install nslcd |
===== configuring ===== | ===== configuring ===== | ||
Line 11: | Line 13: | ||
LDAP Server Host Address: | LDAP Server Host Address: | ||
- | ldap://amadeus.acm.cs | + | <code> |
+ | ldaps://ad1.acm.cs | ||
+ | ldaps://ad2.acm.cs | ||
+ | ldaps://ad3.acm.cs | ||
+ | </code> | ||
distinguished name of the search base: | distinguished name of the search base: | ||
DC=acm,DC=cs | DC=acm,DC=cs | ||
Line 21: | Line 26: | ||
get root ldap access: no | get root ldap access: no | ||
- | Dos Ldap require login: yes | + | Does Ldap require login: yes |
Unprivileged database user: apacheacm@acm.cs | Unprivileged database user: apacheacm@acm.cs | ||
- | Password for database login account: (get this from a sysadmin) | + | Password for database login account: (get this from a sysadmin) (syadmin hint: look in /etc/apache2/sites-enabled/acm.cs.uic.edu-secure on acm) |
===== getting the settings ===== | ===== getting the settings ===== | ||
Line 58: | Line 63: | ||
# `info libc "Name Service Switch"' for information about this file. | # `info libc "Name Service Switch"' for information about this file. | ||
- | passwd: compat ldap | + | passwd: files ldap |
- | group: compat ldap | + | group: files ldap |
- | shadow: compat ldap | + | shadow: files ldap |
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 | hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
Line 73: | Line 78: | ||
</file> | </file> | ||
+ | |||
+ | ===== restart service ===== | ||
+ | |||
+ | <code> | ||
+ | sudo service nslcd restart | ||
+ | </code> | ||
===== first test ===== | ===== first test ===== | ||
Line 85: | Line 96: | ||
apt-get install krb5-user | apt-get install krb5-user | ||
apt-get install krb5-config | apt-get install krb5-config | ||
+ | apt-get install libpam-krb5 | ||
===== krb5.conf ===== | ===== krb5.conf ===== | ||
Line 91: | Line 103: | ||
[libdefaults] | [libdefaults] | ||
default_realm = ACM.CS | default_realm = ACM.CS | ||
- | </file> | + | dns_lookup_realm = false |
- | <file|/etc/krb5.conf> | + | dns_lookup_kdc = true |
[realms] | [realms] | ||
- | ACM.CS = { | + | |
- | kdc = amadeus.acm.cs | + | [domain_realm] |
- | kdc = acm-linux.cs-icl.uic.edu | + | acm.cs = ACM.CS |
- | admin_server = amadeus.acm.cs | + | .acm.cs = ACM.CS |
- | } | + | |
+ | [logging] | ||
+ | # kdc = CONSOLE | ||
</file> | </file> |