We will use an additional CentOS 6.5 server on which we will configure the OpenLDAP client for authentication so that we make use of the central account database that we established on the 389-ds server.
From the client machine, we will need to install the following packages:
openldap
openldap-clients
nss-pam-ldapd
This will be managed through the standard yum repositories:
# yum install openldap openldap-clients nss-pam-ldapd
Once this is installed, we will make one change to the /etc/sysconfig/authconfig file: edit the line that reads FORCELEGACY=no to read FORCELEGACY=yes. This change will allow us to use LDAP rather than LDAPS. LDAPS would be more secure because it encrypts the data exchanged, including the passwords sent at login, but using plain LDAP removes the need to create certificates for the server, which is adequate on a local network.
To configure the authentication, we can use the authconfig command:
# authconfig --enableldap --enableldapauth --enablemkhomedir \ --enablemkhomedir...
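A check to run on clients after the FORCELEGACY change above, to see which ones ended up talking to the directory over unencrypted LDAP. This is an added example, not part of the original text; the /etc/nslcd.conf path, its uri and ssl directives (from nss-pam-ldapd), and the hostname ldap.example.com are assumptions that do not appear on this page.

```shell
#!/bin/sh
# Added example: report whether this LDAP client sends binds in cleartext.
# Default paths are assumptions: /etc/sysconfig/authconfig, /etc/nslcd.conf.

# Last value of KEY=VALUE in a sysconfig-style file, quotes stripped.
sysconfig_value() {  # $1 = key, $2 = file
    sed -n "s/^[[:space:]]*$1=//p" "$2" 2>/dev/null | tail -n 1 | tr -d "\"'"
}

# Arguments of every line that starts with the given nslcd.conf keyword.
nslcd_value() {  # $1 = keyword, $2 = file
    awk -v k="$1" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print }' \
        "$2" 2>/dev/null
}

# Prints "<cleartext|encrypted|unconfigured> forcelegacy=<value>".
ldap_transport_status() {
    authcfg=${1:-/etc/sysconfig/authconfig}
    nslcd=${2:-/etc/nslcd.conf}
    legacy=$(sysconfig_value FORCELEGACY "$authcfg")
    ssl=$(nslcd_value ssl "$nslcd" | tail -n 1 | tr '[:upper:]' '[:lower:]')
    status=unconfigured
    for uri in $(nslcd_value uri "$nslcd"); do
        case $(printf '%s' "$uri" | tr '[:upper:]' '[:lower:]') in
            ldaps://*) [ "$status" = cleartext ] || status=encrypted ;;
            ldap://*)
                case $ssl in
                    # "ssl on" or "ssl start_tls" makes nslcd negotiate TLS
                    on|start_tls) [ "$status" = cleartext ] || status=encrypted ;;
                    *) status=cleartext ;;  # one plain URI is enough to flag
                esac ;;
        esac
    done
    printf '%s forcelegacy=%s\n' "$status" "${legacy:-unset}"
}

# Constructed sample files mirroring the setup on this page (hostname made up).
write_sample() {  # $1 = directory
    printf 'FORCELEGACY=yes\n' > "$1/authconfig"
    printf 'uri ldap://ldap.example.com/\nbase dc=example,dc=com\n' > "$1/nslcd.conf"
}

tmp=$(mktemp -d)
write_sample "$tmp"
ldap_transport_status "$tmp/authconfig" "$tmp/nslcd.conf"
rm -rf "$tmp"
```

Called with no arguments, ldap_transport_status reads the default paths on the host it runs on.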