{"id":129,"date":"2014-11-21T16:24:12","date_gmt":"2014-11-21T08:24:12","guid":{"rendered":"http:\/\/blog.haostudio.net\/hwp\/?p=129"},"modified":"2017-07-25T00:16:19","modified_gmt":"2017-07-24T16:16:19","slug":"%e5%9c%a8debian-7-%e4%b8%ad%e5%ae%89%e8%a3%9dldap-client","status":"publish","type":"post","link":"https:\/\/blog.haostudio.net\/hwp\/%e5%9c%a8debian-7-%e4%b8%ad%e5%ae%89%e8%a3%9dldap-client\/","title":{"rendered":"\u5728Debian 7 \u4e2d\u5b89\u88ddLDAP Client"},"content":{"rendered":"\n

\u5728Debian 7 \u4e2d\u5b89\u88ddLDAP Client<\/h1>\n

\u7e7c\u4e0a\u4e00\u7bc7\u4f7f\u7528AutoFS \u4f86\u9023\u4e0aNFS server<\/a> \u5b58\u53d6\u6211file server \u4e0a\u7684\u8cc7\u6599\u5f8c, \u63a5\u4e0b\u4f86\u5c31\u662f\u8655\u7406\u5e33\u865f\u7684\u554f\u984c. \u7531\u65bc\u6211\u7684\u5e33\u865f\u662f\u7528LDAP server \u4f86\u7ba1\u7406, \u56e0\u6b64\u6700\u8fd1\u5b89\u88dd\u7684Debian 7 \u4e5f\u9700\u8981\u5b89\u88ddLDAP client .<\/p>\n

\u5b89\u88dd\u5fc5\u8981\u5957\u4ef6<\/p>\n

# apt-get install ldap-utils libpam-ldapd nscd nslcd libnss-ldapd\n<\/code><\/pre>\n
\u5b89\u88dd\u671f\u9593, \u5b83\u6703\u8a62\u554f\u4f60\u7684LDAP server URI, \u8acb\u4f9d\u64da\u4f60\u7684LDAP server \u8f38\u5165server \u7684URI, \u53ef\u4ee5\u662f\u4e0b\u5217\u4e09\u7a2e\u683c\u5f0f<\/p>\n
ldap:\/\/<hostname_or_IP_address>:<port>\/\nldaps:\/\/....\nldapi:\/\/....\n<\/code><\/pre>\n
\u5176\u4e2d<\/p>\n \u662foptional, \u53ef\u4ee5\u4e0d\u7528\u8f38\u5165. \u6211\u7684LDAP server URI \u662f\n\n
ldap:\/\/192.168.x.xxx\/\n<\/code><\/pre>\n\n\u63a5\u4e0b\u4f86\u4ed6\u8981\u4f60\u8f38\u5165LDAP server search base, \u683c\u5f0f\u5982\u4e0b:\n\n
ou=xxxx, dc=example,dc=net\n<\/code><\/pre>\n\n\u8acb\u4f9d\u7167\u4f60\u7684LDAP server \u7684\u8a2d\u5b9a\u4f86\u8f38\u5165, \u6211\u7684search base \u662f:\n\n
ou=nis,dc=mydomain,dc=net\n<\/code><\/pre>\n\n\u5728\u63a5\u4e0b\u4f86, \u5b83\u6703\u53bb\u4fee\u6539\u4f60\u7684\/etc\/nsswitch.conf \u88e1\u9762\u7684\u6b04\u4f4d, \u4ed6\u6703\u554f\u4f60\u6709\u8981\u4fee\u6539\u54ea\u4e9b\u6b04\u4f4d, \u8acb\u4f9d\u64da\u4f60\u7684LDAP server \u6709\u5b58\u653e\u54ea\u4e9b\u8cc7\u8a0a\u4f86\u6c7a\u5b9a.  \u56e0\u70ba\u6211\u7684LDAP server \u53ea\u5b58\u653e\u4f7f\u7528\u8005\u5e33\u865f\u548c\u5bc6\u78bc \u7528\u4f86\u53d6\u4ee3NIS\u7528\u800c\u5df2, \u56e0\u6b64\u6211\u53ea\u6311\u9078\u4e0b\u5217\u6b04\u4f4d:\n\n
password\nshadow\ngroup\n<\/code><\/pre>\n\nOK! \u9019\u6a23\u5c31\u8a2d\u5b9a\u597d\u4e86.\n\n\u8981\u78ba\u8a8d\u662f\u5426\u8a2d\u5b9a\u6210\u529f, \u4f60\u53ef\u4ee5\u4f7f\u7528getent \u6307\u4ee4\u53bb\u67e5\u770b\u4f7f\u7528\u8005\u8cc7\u8a0a,\n\n
# getent passwd    \n<\/code><\/pre>\n\n\u82e5\u662f\u6709\u770b\u5230server \u4e0a\u7684\u4f7f\u7528\u8005\u8cc7\u8a0a, \u90a3\u8868\u793a\u5df2\u7d93\u5df2\u7d93\u53ef\u4ee5\u9023\u63a5\u4e0aLDAP server\u4e86.\n\n\u82e5\u662f\u4f60\u9700\u8981\u66f4\u8a73\u7d30\u7684\u8a2d\u5b9a, \u53ef\u4ee5\u81ea\u5df1\u53bb\u4fee\u6539\u4e0b\u5217\u7684\u8a2d\u5b9a\u6a94:\n\n
\/etc\/ldap\/ldap.conf\n\/etc\/nslcd.conf\n\/etc\/nsswitch.conf\n\/etc\/pam.d\/common-account\n\/etc\/pam.d\/common-auth\n\/etc\/pam.d\/common-password\n\/etc\/pam.d\/common-session\n<\/code><\/pre>\n\n
\n\n
\u53c3\u8003\u8cc7\u6599<\/h3>\n\n
    \n
  1. Debian LDAP NSS<\/a><\/li>\n
  2. Debian LDAP PAM<\/a><\/li>\n
  3. Ubuntu LDAPClientAuthentication<\/a><\/li>\n
  4. LDAP Client on Ubuntu<\/a><\/li>\n<\/ol>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[9,20,55],"class_list":["post-129","post","type-post","status-publish","format-standard","hentry","category-linux","tag-debian","tag-ldap","tag-pam"],"_links":{"self":[{"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/posts\/129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/comments?post=129"}],"version-history":[{"count":4,"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/posts\/129\/revisions"}],"predecessor-version":[{"id":402,"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/posts\/129\/revisions\/402"}],"wp:attachment":[{"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/media?parent=129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/categories?post=129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.haostudio.net\/hwp\/wp-json\/wp\/v2\/tags?post=129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}