||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents>>|| = Introduction = This howto is based on my FedoraDirectoryServer howto and I am going to tell you here how you are going to connect Ubuntu clients with Fedora-ds installed in another Ubuntu server. I will stick to the the following example scenario. Change your setting appropriately. This howto can be used your own LDAP server as well. My test setup is like this: {{attachment:FosseduAutoHome.jpg}} = Installing LDAP Client Packages = We need to install necessary client packages and setup them initially. To install all packages: {{{ sudo apt-get install libpam-ldap libnss-ldap }}} During the installation it will ask few questions and don't worry about them but keep accepting the default settings since we are going to modify them manually later. = Configuring Configuring nsswitch.conf file = The nsswitch.conf file is responsible for switching the authentication order in Linux and we need to setup to accept LDAP authentication. To edit the file: {{{ sudo vi /etc/nsswitch.conf }}} Then we need change {{{compat}}} with {{{files ldap}}}. Use the following command in vi command mode {{{ %s/compat/files ldap/g }}} Now your changes will reflect as follows in /etc/nsswitch.conf {{{ ... passwd: files ldap group: files ldap shadow: files ldap ... }}} The order {{{files ldap}}} will look {{{/etc/passwd}}} file first and then look LDAP for authentication. = Modifying /etc/pam_ldap.conf file = We now replace above file with our version of this file. To backup the original file : {{{ cd /etc sudo mv pam_ldap.conf pam_ldap.conf.orig }}} The open a new file and copy and paste the following contents the new file. (On Karmic (9.10) the file to edit is /etc/ldap.conf) {{{ sudo vi /etc/pam_ldap.conf }}} Copy and paste the following code segment. {{{ host 10.0.0.1 suffix "dc=fossedu,dc=org" uri ldap://10.0.0.1 pam_password exop ldap_version 3 pam_filter objectclass=posixAccount pam_login_attribute uid pam_member_attribute memberuid nss_base_passwd ou=People,dc=fossedu,dc=org nss_base_shadow ou=People,dc=fossedu,dc=org nss_base_group ou=Groups,dc=fossedu,dc=org scope one }}} Replace {{{"dc=fossedu,dc=com"}}} with your own distinguished name of the search base. For example {{{dc=yourdoman,dc=com}}} = Configuring PAM = The PAM configuration is split in 4 files: common-account, common-auth, common-password and common-session. Let us keep our original files back up in case we need a recovery again to our original setup. To backup original files: {{{ cd /etc/pam.d for name in `ls common-*` ; do sudo mv "$name" "$name".orig ; done mv }}} == Setting common-account == {{{ sudo vi /etc/pam.d/common-account }}} Copy and paste the following code segment. {{{ account sufficient pam_ldap.so account required pam_unix.so }}} == Setting common-auth == {{{ sudo vi /etc/pam.d/common-auth }}} Copy and paste the following code segment {{{ auth sufficient pam_ldap.so auth required pam_unix.so nullok_secure use_first_pass }}} == Setting common-password == {{{ sudo vi /etc/pam.d/common-password }}} Copy and paste the following code segment. {{{ password sufficient pam_ldap.so password required pam_unix.so nullok obscure min=4 max=8 md5 }}} == Setting common-session == {{{ sudo vi /etc/pam.d/common-session }}} Copy and paste the following code segment. {{{ session sufficient pam_ldap.so session required pam_unix.so }}} == Testing the Setup == Let's test our setup now. To test LDAP connectivity: {{{ getent passwd fmaster }}} Your output should be something like this: {{{ fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash }}} = Automatically Mounting User's Home Directory = We need to mount user's home directory when they login to a system and we try to manage our users as roaming users. Install following packages in all of your client system to enable this. == Setup your server for NFS Exports == In the Ubuntu server to which your have install Fedora-ds we need to export users home directories via NFS '''To install NFS server''' {{{ sudo apt-get install nfs-kernel-server }}} To export the file system, setup {{{/etc/exports}}}. {{{ sudo vi /etc/exports }}} Add the following code segment into the file. {{{ /ahome 10.0.0.0/24(rw,sync,root_squash) }}} '''Export the file system''' {{{ sudo exportfs -arv }}} Your output should look like: {{{ exporting 10.0.0.0/24:/ahome }}} '''To veryfiy nfs exports''' {{{ sudo exportfs -v }}} Output: {{{ /home 10.0.0.0/24(rw,wdelay,root_squash) }}} == Setting up clients for NFS and autofs == '''To install nfs clients and autofs''' {{{ sudo apt-get install autofs nfs-common }}} == Setting autofs == '''Create auto.ahome file.''' {{{ sudo vi /etc/auto.ahome }}} Add the following code segment to this file. {{{ * -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 10.0.0.1:/ahome/& }}} '''Create a mount point for auto homes''' {{{ sudo mkdir /ahome }}} '''Add auto.home file to /etc/auto.master''' {{{ sudo vi /etc/auto.master }}} Add the the following code segment to the above file {{{ /ahome /etc/auto.ahome --timeout=120 }}} '''Restart autofs''' {{{ sudo /etc/init.d/autofs restart }}} To test your setup login as {{{fmaster}}} If you can login, Cheers !!! Howto created by: ChinthakaDeshapriya. ----