——–Server side———:

Install the required packages using “yum” :

openldap*, nfs*, portmap*

Generate the ldap admin password :

#  slappasswd  -s  [password]  -h  {MD5}

{MD5}*****************

Copy the above password hash. The hash type can be changed to SHA, SSHA or SMD5 (the curly brackets are required).
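How the four hash types differ, as an added example that is not part of the original post: the value is the scheme prefix followed by base64 of the digest, and SSHA/SMD5 append a random salt to the digest, so the same password never produces the same string twice. The function names, the 4-byte salt length and the sample password "secret" are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import os

# Scheme prefix -> (hashlib algorithm, salted?)
SCHEMES = {
    "{MD5}": ("md5", False),
    "{SHA}": ("sha1", False),
    "{SMD5}": ("md5", True),
    "{SSHA}": ("sha1", True),
}


def make_hash(password, scheme="{SSHA}", salt=None):
    """Build a rootpw/userPassword value: scheme + base64(digest [+ salt])."""
    algo, salted = SCHEMES[scheme]
    if not salted:
        salt = b""
    elif salt is None:
        salt = os.urandom(4)  # salt length assumed for this example
    digest = hashlib.new(algo, password.encode() + salt).digest()
    return scheme + base64.b64encode(digest + salt).decode()


def split_hash(stored):
    """Return (scheme, digest, salt) parsed from a stored value."""
    scheme, sep, b64 = stored.partition("}")
    scheme += sep
    if scheme not in SCHEMES:
        raise ValueError("unsupported scheme: %r" % scheme)
    raw = base64.b64decode(b64)
    size = hashlib.new(SCHEMES[scheme][0]).digest_size
    return scheme, raw[:size], raw[size:]


def check_hash(password, stored):
    """Compare a candidate password with a stored value in constant time."""
    scheme, digest, salt = split_hash(stored)
    algo, salted = SCHEMES[scheme]
    if salt and not salted:
        return False  # trailing bytes are not valid for an unsalted scheme
    candidate = hashlib.new(algo, password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Constructed sample password; unsalted schemes print the same value twice.
    for name in SCHEMES:
        print(make_hash("secret", name), make_hash("secret", name))
```
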

Edit “slapd.conf” :

#  vi  /etc/openldap/slapd.conf

At about line no. 87:

suffix               "dc=abc,dc=com"

At about line no. 88:

rootdn              "cn=Manager,dc=abc,dc=com"

At about line no. 94:

rootpw             {MD5}****************

Add the following lines at the bottom :

access to attrs=userPassword
    by self write
    by dn="cn=Manager,dc=abc,dc=com" write
    by anonymous auth
    by * none

access to *
    by self write
    by dn="cn=Manager,dc=abc,dc=com" write
    by * read

Save and exit.

#  cp  /etc/openldap/DB_CONFIG.example  /var/lib/ldap/DB_CONFIG

#  service ldap start

#  chkconfig  ldap  on

Adding initial information in “base.ldif” :

#  cd  /usr/share/openldap/migration

#  vi  migrate_common.ph

At about line no. 71:

$DEFAULT_MAIL_DOMAIN  =  "abc.com";

At about line no. 74:

$DEFAULT_BASE  =  "dc=abc,dc=com";

Save and exit.

#  ./migrate_base.pl  >  base.ldif

#  vi  base.ldif [you can edit the sections according to your environment]

dn: dc=abc,dc=com
dc: abc
objectClass: top
objectClass: domain

dn: ou=Hosts,dc=abc,dc=com
ou: Hosts
objectClass: top
objectClass: organizationalUnit

dn: ou=Services,dc=abc,dc=com
ou: Services
objectClass: top
objectClass: organizationalUnit

dn: ou=Networks,dc=abc,dc=com
ou: Networks
objectClass: top
objectClass: organizationalUnit

dn: ou=People,dc=abc,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=abc,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

#  ldapadd  -x  -W  -D  "cn=Manager,dc=abc,dc=com"  -f  base.ldif

Enter LDAP Password: [provide ldap admin password]

Adding existing users and groups to ldap server :

#  grep  "x:[5-9][0-9][0-9]"  /etc/passwd  >  passwd

#  grep  "x:[5-9][0-9][0-9]"  /etc/group  >  group

#  ./migrate_passwd.pl  passwd  >  passwd.ldif

#  ./migrate_group.pl  group  >  group.ldif

Now, add users and groups to ldap server :

#  ldapadd  -x  -W  -D  "cn=Manager,dc=abc,dc=com"  -f  passwd.ldif

#  ldapadd  -x  -W  -D  "cn=Manager,dc=abc,dc=com"  -f  group.ldif

Sharing home directory via nfs :

#  vi  /etc/exports

/home *(rw,sync)

Save and exit.

#  service nfs start

#  service portmap start

#  chkconfig nfs on

#  chkconfig portmap on

Export the nfs share :

#  exportfs  -av

——-Client side (Linux)———:

Mount the server home directory on client side :

#  mount  [IP of server]:/home   /home

Permanent mount in fstab :

#  vi  /etc/fstab

[IP of server]:/home                /home             nfs                   defaults           0          0

Install openldap-clients*

#  system-config-authentication

Select user information

Enable LDAP support

Specify LDAP suffix and IP address.

Now, select authentication.

Enable LDAP support and provide suffix and server IP address.

——-Client side (Windows)——- :

Download pGina and the ldapauth plugin for pGina.

Install pGina and copy the ldapauth plugin into the plugins folder.

Now start the pGina configuration tool and, under the plugin section, provide the path to ldapauth_plus.dll and click Configure.

Use Map Mode

LDAP Server: [IP of LDAP Server]

Port: 389

Admin User: "cn=Manager,dc=abc,dc=com"

Admin Password: [ldap admin password]

PrePend: uid=

Append: ou=People,dc=abc,dc=com
