Академический Документы
Профессиональный Документы
Культура Документы
cd /etc/pam.d/
vim /etc/pam.d/login
vim /etc/pam.d/system-auth
/etc/nslcd.conf
uri ldap://server.redhat.com
=====================================================**
setting up ldap authentication
authconfig-gtk
authconfig-gtk
select ldap
ldap search base dn dc=example,dc=com
ldap server ldap://server5.example.com
use TLS to encrypt connections
download CA Certificate
ftp;//server.redhat.com/pub/slapd.pam
apply
su - ldapuser5
id
grep ldapuser5 /etc/passwd
cd /tmp
touch testfile
UNDERSTANDING AUTOMOUNT
learning automount and fixing home directory
` * -rw nfsserver:/home/guests/&
nfs server
/etc/auto.master
/etc/auto.data - file -rw nfsserver:/data
nfs server
/home/guest
CONFIGURING AUTOMOUNT
samba-server
install samba-client
smbpasswd -a ldapusers
vim /etc/samba/smb.conf
[data]
comment = Ldap user home directories
path = /home/guests
public = yes
writable = no
client system
vim /etc/auto.master
/home/guests /etc/auto.guests
vim /etc/auto.guests
* -rw nfsserver:/home/guests/&
samba-server
install samba-client
smbpasswd -a ldapusers
vim /etc/samba/smb.conf
[data]
comment = Ldap user home directories
path = /home/guests
public = yes
writable = no
======================== ==================================
vim /etc/exports
/data -rw *(rw,no_root_squash)
exportfs -r
this is a special command to update export database
suppose for example once nfs server is active and client system is
connected to nfs server
if you add any new export share and update /etc/exports file you
cant restart nfs-service as it may inturpt nsf clients
so we can use exportfs -r command to update nfs exports database
mkdir /data
vim /etc/auto.master
/nfsserver /etc/auto.nfs
vim /etc/auto.nfs
blah -rw localhost:/data
vim /etc/nsswitch.conf
passwd: files sss ldap
sri-note: if we see ldap here that means nslcd
cd /etc/pam.d/
vim /etc/pam.d/login
vim /etc/pam.d/system-auth
we see
auth sufficient pam_ldap.so == to find ldap server we need
nslcd
vim /etc/nslcd.conf
sri-note: all information is hear from authconfig-gtk
like
uri ldap://server.example.com
base dc=example,dc=com
and in the bottom
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
cd /etc/openldap/cacerts/
ls
authconfig_downloaded.pem
this is the same file which we downloaded from authconfig-gtk this
the same file === slapd.pem\
ldap related logs
tail -f /var/log/messages
=====exercise===