SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

suseldap

SuSE LDAP

Since the Novell Linux User Management doesn't work as well as desired I decided to take a look at simple LDAP authentication for SLES boxes, or SLED or openSuSE. They all work the same for as far as the user authentication is concerned. This turned out to be pretty simple, following these steps:

  1. Configuring install sources
  2. Setting up LDAP authentication
  3. Check and troubleshoot
  4. Sudo

Configure Install Sources

When the LDAP client is being configured you need additional packages to be installed. By default the pam-ldap and nss-ldap packages need to be installed, which will be done automatically if the correct sources are installed. We have an internal SuSE installation and update server so that was not an issue for me:
suseldap01.jpg
As you can see I configured the installation source, the online source (for upgrades) and the update source.

Setting Up LDAP Authentication

LDAP Authentication is configured in Yast, so startup yast:

  • yast2
  • Go to “Security and Users” → “User Management” → “Expert Options” → “Authentication and User Sources”

At this point the configuration is going to check the installation sources, when they are not available or missing it will tell you so and you won't get the chance to configure the LDAP source. When the wizard is done you see the possible authentication sources. Click on LDAP: suseldap02.jpg As the server you can use an IP-address or the DNS name, and be sure to select a search base high enough to find all the users that need to log on. When you're done save and exit and you're done.

Check And Troubleshoot

Check users:

suse:~ # id sjoerd
uid=610(sjoerd) gid=606(ssh-access) groups=606(ssh-access),613(ssh-nam),612(ssh-managedservices))

The user is recognized including the secondary groups it's member of. You're done!

Sudo

Now all that's left is to configure sudo. Because this is quite important and because there is a lot of information and to learn about it I created a special page on it.

Request

There are two ways of logging into SuSE using eDirectory credentials. Using SuSE LUM or SuSE LDAP (this page). Is there anyone out there who knows why I should use lum? Because the LDAP was so much easier to set up…

You could leave a comment if you were logged in.
suseldap.txt · Last modified: 2021/09/24 00:25 (external edit)