Serverseitig wird die selbe Konfiguration benötigt wie bei nss-ldap

Debian:

libpam-ldap

SuSE:

pam_ldap

RedHat:

nss_ldap

Einstellungen über debconf bei Debian:

debconf-set-selections <<DEBCONF
libpam-ldap     libpam-ldap/rootbindpw  password
# Local crypt to use when changing passwords.
libpam-ldap     libpam-ldap/pam_password        select  crypt
# Root login account
libpam-ldap     libpam-ldap/rootbinddn  string  cn=admin,dc=villa,dc=local
# Make local root Database admin.
libpam-ldap     libpam-ldap/dbrootlogin boolean true
DEBCONF

/etc/pam_ldap.conf (Debian)

/etc/ldap.conf (SuSE und Centos):

host  ldap1.villa.local
base  dc=villa,dc=local
ldap_version 3

Das Programm login zum Testen gegen LDAP authentifizieren:

/etc/pam.d/login: (SuSE 12.3 ¹⁾ & Debian ²⁾)

auth    sufficient     pam_unix.so     nullok
auth    requisite      pam_ldap.so     use_first_pass 

account sufficient     pam_unix.so     
account requisite      pam_ldap.so     

session requisite     pam_unix.so     

/etc/pam.d/login: (SuSE ³⁾ & Centos ⁴⁾ )

auth    sufficient     pam_unix2.so     nullok
auth    requisite      pam_ldap.so     use_first_pass 

account sufficient     pam_unix2.so     
account requisite      pam_ldap.so     

session requisite     pam_unix2.so     

login

• http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/Linux-PAM_SAG.html
• http://etutorials.org/Server+Administration/ldap+system+administration/Part+II+Application+Integration/Chapter+6.+Replacing+NIS/6.7+Authorization+Through+PAM/
• Offline Anmeldung: https://help.ubuntu.com/community/PamCcredsHowto