Centos 6 Linux和nss-pam-ldapd

前端之家收集整理的这篇文章主要介绍了Centos 6 Linux和nss-pam-ldapd前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我正在尝试使用centos 6来对ldap进行身份验证(特定的活动目录)我有点困惑,因为在安装nss-pam-ldapd后,我看到几个文件似乎是相同的配置.例如,我有/etc/pam_ldap.conf和/etc/nslcd.conf.这两个文件似乎都具有相同的配置选项.似乎没有工作.任何指导将不胜感激.
Make sure you:
   1. yum remove sssd
   2. yum install openldap-clients nss-pam-ldapd
   3. Run Authconfig
   4. Check your /etc/openldap/ldap.conf
           - Check for your valid certfile is pointed to
   5. Check your /etc/nslcd.conf
           - confirm ssl start_tls
           - confirm certfile is pointing to a valid file

Here is a example authconfig line:

authconfig --enableldap --enableldapauth \
   --ldapserver=ldap://ldap.example.com/,ldap://ldap2.example.com/ \
   --ldapbasedn=dc=example,dc=com  --update

Then make sure:
/etc/openldap/ldap.conf
TLS_CACERT /etc/pki/tls/certs/ca-bundle.crt
TLS_REQCERT demand


And in /etc/nslcd.conf:
ssl start_tls
tls_cacertfile /etc/pki/tls/certs/ca-bundle.crt
tls_reqcert never

So that you get a certificate not a empty directory.

猜你在找的CentOS相关文章