This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
linux:centos_ad [2018/05/25 21:44] bmiddha created |
linux:centos_ad [2021/05/02 21:36] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== CentOS 7 AD Backend ====== | + | ====== CentOS 7 AD Client ====== |
- | ====== Install nslcd and kerbros ====== | + | ====== Install nslcd and kerberos ====== |
<code> | <code> | ||
Line 23: | Line 23: | ||
select "Use LDAP" and "Use LDAP Authentication" | select "Use LDAP" and "Use LDAP Authentication" | ||
select "Use TLS" | select "Use TLS" | ||
- | Server: ad1.acm.cs | + | <code> |
+ | Server: ldaps://ad1.acm.cs | ||
Base DN: dc=acm,dc=cs | Base DN: dc=acm,dc=cs | ||
+ | </code> | ||
====== Update nslcd config ====== | ====== Update nslcd config ====== | ||
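Review bot: The added Server line switches to an ldaps:// URI, but the unchanged step just above it still says to select "Use TLS". In authconfig that option enables StartTLS (RFC 2830), which upgrades a plain ldap:// connection and is a different mode from LDAPS, so the two instructions conflict. Pick one and say so: either keep ldaps://ad1.acm.cs and drop the "Use TLS" step, or keep "Use TLS" with an ldap:// URI. A short note on which CA certificate is used to validate ad1.acm.cs would also help, since the page does not show where certificate checking is configured.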
Line 65: | Line 67: | ||
filter group (objectClass=group) | filter group (objectClass=group) | ||
</file> | </file> | ||
+ | nslcd.conf should not be world readable if bindpw is set | ||
- | ====== more ldap config ====== | + | <code> |
+ | chmod 600 /etc/nslcd.conf | ||
+ | </code> | ||
+ | |||
+ | ====== More LDAP Config ====== | ||
make sure that passwd, group and shadow have files and then ldap | make sure that passwd, group and shadow have files and then ldap | ||
<file|/etc/nsswitch.conf> | <file|/etc/nsswitch.conf> | ||
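Review bot: chmod 600 /etc/nslcd.conf sets the mode but not the owner, and it is placed after the file containing bindpw has already been written, so the password can sit in a world-readable file until this command runs. Suggest stating the ownership as well (chown root:root /etc/nslcd.conf) and moving the permission step ahead of the edit that adds bindpw. The "if bindpw is set" condition could be dropped from the sentence, since the restrictive mode does no harm when bindpw is absent and readers then do not have to decide whether it applies to them.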
Line 74: | Line 81: | ||
</file> | </file> | ||
- | ====== Testing configuration ====== | + | ====== Start nslcd Service ====== |
+ | <code> | ||
+ | systemctl start nslcd | ||
+ | </code> | ||
+ | ====== Testing the configuration ====== | ||
<code> | <code> | ||
getent passwd | getent passwd | ||
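Review bot: The new "Start nslcd Service" section only runs systemctl start nslcd, so the daemon is not started again after a reboot and the getent check that follows would then stop returning directory users. Suggest systemctl enable --now nslcd, or a separate systemctl enable nslcd line. Because this section comes after the edits to the nslcd config and /etc/nsswitch.conf, it is also worth mentioning systemctl restart nslcd for hosts where the service is already running with the old configuration.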
Line 91: | Line 102: | ||
- | ====== Password auth with kerbros ====== | + | ====== Password auth with kerberos ====== |
<file|/etc/krb5.conf> | <file|/etc/krb5.conf> | ||
Line 119: | Line 130: | ||
====== Auto create home directories ====== | ====== Auto create home directories ====== | ||
+ | Run this | ||
+ | <code> | ||
+ | authconfig --enablemkhomedir --updateall | ||
+ | </code> | ||
Append File | Append File | ||
<file|/etc/pam.d/sshd> | <file|/etc/pam.d/sshd> |
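Review bot: authconfig --enablemkhomedir --updateall runs after the page has hand-edited /etc/nslcd.conf and /etc/nsswitch.conf, and --updateall rewrites every configuration file authconfig manages rather than only the ones affected by the change, so it can overwrite those manual edits. Suggest --update instead, or moving this step before the hand edits and telling the reader to re-check both files and the 600 mode on nslcd.conf afterwards. "Run this" should say what the command does, and the section should state whether the "Append File" step for /etc/pam.d/sshd is still needed once authconfig has enabled home directory creation, so that it is not configured in two places.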