https://wiki.skytech.dk/index.php?action=history&feed=atom&title=LDAP_client_-_Ubuntu 2026-06-30T10:41:54Z Revision history for this page on the wiki MediaWiki 1.45.4 https://wiki.skytech.dk/index.php?title=LDAP_client_-_Ubuntu&diff=1849&oldid=prev 2012-09-27T08:25:35Z

<p>Created page with &quot;<a href="/index.php/Category:Linux" title="Category:Linux">Category:Linux</a> = Setting up a LDAP client on Ubuntu 12.04+ = Shamelessly stolen and copied from http://askubuntu.com/questions/127389/how-to-configure-ubuntu-as-an-ldap-...&quot;</p> <p><b>New page</b></p><div>[[Category:Linux]]<br /> <br /> = Setting up a LDAP client on Ubuntu 12.04+ =<br /> <br /> Shamelessly stolen and copied from http://askubuntu.com/questions/127389/how-to-configure-ubuntu-as-an-ldap-client<br /> <br /> &lt;pre&gt;<br /> The contents of this post are based on this guide. It should work fine in 12.04.<br /> <br /> 1) Issue the following command:<br /> <br /> sudo apt-get install ldap-utils libpam-ldap libnss-ldap nslcd<br /> NOTE: During the installation of the above packages a dialog will pop up and ask about some LDAP configuration. Be sure to enter the correct values for your LDAP configuration.<br /> <br /> 2) Edit /etc/nsswitch.conf (via sudo). Append &quot;ldap&quot; to these lines:<br /> <br /> #Original file looks like this <br /> passwd: compat <br /> group : compat <br /> shadow: compat <br /> <br /> #After appending &quot;ldap&quot; lines look like these<br /> passwd: compat ldap<br /> group : compat ldap <br /> shadow: compat ldap <br /> 3) Comment out the line rootbinddn, I&#039;m not sure why we need to do that.<br /> <br /> 4) Edit /etc/pam.d/login (via sudo) and paste:<br /> <br /> session required pam_mkhomedir.so skel=/etc/skel umask=0022 <br /> 5) Edit /etc/pam.d/lightdm (via sudo) and paste:<br /> <br /> session required pam_mkhomedir.so skel=/etc/skel umask=0022 <br /> 6) Issue this command:<br /> <br /> sudo update-rc.d nslcd enable<br /> You should be able to log in as an LDAP user after a reboot.<br /> <br /> Likely problems and solutions:<br /> <br /> Logging in as an LDAP user takes a very long time (minutes): It&#039;s very likely that nss-lap is having problems finding the user&#039;s group. Make sure that the user is in a group recognized locally, or that the user is in a group defined in LDAP. Make sure that, if the group is defined in LDAP, that it&#039;s a real POSIX group.<br /> Always check the /var/log/auth.log log file. If you see &quot;unable to contact ldap server&quot;, check whether the LDAP server is reachable and the port is open.<br /> Try to ping the LDAP server by name<br /> Try to check whether the LDAP port is open:<br /> LDAP can listen on different ports, but can usually be found on 389 and 636<br /> You can check that a port is open by using telnet:<br /> telnet 389 or telnet 636<br /> If you see any characters on the console then the port is open and the LDAP server should be running.<br /> If you see nothing or get an error message, either the LDAP server is not running or something (such as a firewall) is preventing the connection.<br /> &lt;/pre&gt;</div>

Martin