||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents>>||

= Introduction =

This howto is based on my FedoraDirectoryServer howto and I am going to tell you here how you are going to connect Ubuntu clients with Fedora-ds installed in another Ubuntu  server. I will stick to the the following example scenario. Change your setting appropriately. This howto can be used your own LDAP server as well.

My test setup is like this:

{{attachment:FosseduAutoHome.jpg}}

= Installing LDAP Client Packages =

We need to install necessary client packages and setup them initially. To install all  packages:

{{{
  sudo apt-get install libpam-ldap libnss-ldap
}}}

During the installation it will ask few questions and don't worry about them but keep accepting the default settings since we are going to modify them manually later.

= Configuring Configuring nsswitch.conf file =

The nsswitch.conf file is responsible for switching the authentication order in Linux and we need to setup to accept LDAP authentication. To edit the file:

{{{
sudo vi /etc/nsswitch.conf
}}}

Then we need change {{{compat}}} with {{{files ldap}}}. Use the following command in vi command mode
{{{
%s/compat/files ldap/g
}}}

Now your changes will reflect as follows in /etc/nsswitch.conf
{{{
...
passwd:         files ldap
group:          files ldap
shadow:         files ldap
...
}}}

The order {{{files ldap}}} will look {{{/etc/passwd}}}  file first and then look LDAP for authentication.

= Modifying /etc/pam_ldap.conf file =

We now replace above file with our version of this file. To backup the original file   :

{{{
cd /etc
sudo mv pam_ldap.conf pam_ldap.conf.orig
}}}

The open a new file and copy and paste the following contents the new file.
(On Karmic (9.10) the file to edit is /etc/ldap.conf)
{{{
sudo vi /etc/pam_ldap.conf
}}}

Copy and paste the following code segment.

{{{
host    10.0.0.1

suffix          "dc=fossedu,dc=org"

uri ldap://10.0.0.1
pam_password exop

ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
nss_base_passwd ou=People,dc=fossedu,dc=org
nss_base_shadow ou=People,dc=fossedu,dc=org
nss_base_group  ou=Groups,dc=fossedu,dc=org

scope one
}}}

Replace {{{"dc=fossedu,dc=com"}}} with your own distinguished name of the search base. For example {{{dc=yourdoman,dc=com}}}

= Configuring PAM =

The PAM configuration is split in 4 files: common-account, common-auth, common-password and common-session. Let us keep our original files back up in case we need a recovery again to our original setup. To backup original files:

{{{
cd /etc/pam.d
for name in `ls common-*` ; do sudo mv "$name" "$name".orig ; done
mv 
}}}

== Setting common-account ==

{{{ 
sudo vi /etc/pam.d/common-account
}}}

Copy and paste the following code segment.

{{{
account sufficient      pam_ldap.so
account required        pam_unix.so
}}}

== Setting common-auth ==

{{{ 
sudo vi /etc/pam.d/common-auth
}}}

Copy and paste the following code segment

{{{
auth    sufficient      pam_ldap.so
auth    required        pam_unix.so nullok_secure use_first_pass
}}}

== Setting common-password ==

{{{ 
sudo vi /etc/pam.d/common-password
}}}

Copy and paste the following code segment.

{{{
password        sufficient      pam_ldap.so
password        required        pam_unix.so nullok obscure min=4 max=8 md5
}}}

== Setting common-session ==

{{{ 
sudo vi /etc/pam.d/common-session
}}}

Copy and paste the following code segment.

{{{
session sufficient      pam_ldap.so
session required        pam_unix.so
}}}

== Testing the Setup ==

Let's test our setup now. To test LDAP connectivity:

{{{
getent passwd fmaster
}}}

Your output should be something like this:

{{{
fmaster:x:1006:1006:Foss Master:/home/fsmaster:/bin/bash
}}}

= Automatically Mounting User's Home Directory =

We need to mount user's home directory when they login to a system and we try to  manage our users as roaming users. Install following packages in all of your client system to enable this.

== Setup your server for NFS Exports ==

In the Ubuntu server to which your have install Fedora-ds we need to export users home directories via NFS

'''To install NFS server'''

{{{
sudo apt-get install nfs-kernel-server
}}}

To export the file system, setup {{{/etc/exports}}}.

{{{
sudo vi /etc/exports
}}}

Add the following code segment into the file.

{{{
/ahome          10.0.0.0/24(rw,sync,root_squash)
}}}

'''Export the file system'''

{{{
sudo exportfs -arv
}}}

Your output should look like:

{{{
 exporting 10.0.0.0/24:/ahome
}}}

'''To veryfiy nfs exports'''

{{{
sudo exportfs -v
}}}

Output:

{{{
/home          10.0.0.0/24(rw,wdelay,root_squash)
}}}

== Setting up clients for NFS and autofs ==

'''To install nfs clients and autofs'''

{{{
sudo apt-get install autofs nfs-common
}}}

== Setting autofs ==

'''Create auto.ahome file.'''

{{{
sudo vi /etc/auto.ahome
}}}

Add the following code segment to this file.

{{{
*       -fstype=nfs,rw,hard,intr,rsize=2048,wsize=2048,nosuid,nfsvers=3 10.0.0.1:/ahome/&
}}}

'''Create a mount point for auto homes'''
{{{
sudo mkdir /ahome
}}}

'''Add auto.home file to /etc/auto.master'''

{{{
sudo vi /etc/auto.master
}}}

Add the the following code segment to the above file

{{{
/ahome       /etc/auto.ahome      --timeout=120
}}}

'''Restart autofs'''

{{{
sudo /etc/init.d/autofs restart
}}}

To test your setup login as {{{fmaster}}}

If you  can login, Cheers !!!

Howto created by: ChinthakaDeshapriya.
----