Red Hat LINUX 7.2 Reference Manual page 255

Section 15.10:Configuring Your System to Authenticate Using OpenLDAP
than is provided here. Please refer to the references provided in Section 15.11, Additional Resources
for more information.
15.10.1 Install the Necessary LDAP Packages
First, you should make sure that the appropriate packages are installed on both the LDAP server and
the LDAP client machines. The LDAP server needs the openldap-server package.
The LDAP client machines need the following packages installed:
dap-clients, auth_ldap, and nss_ldap.
15.10.2 Edit the Configuration Files
Edit /etc/openldap/slapd.conf
Next, edit the slapd.conf file to make sure it matches the specifics of your organization.
Please refer to Section 15.6.1, Edit /etc/openldap/slapd.conf for instructions on editing
slapd.conf.
Edit ldap.conf
Edit the ldap.conf files in /etc and in /etc/openldap on the LDAP server and clients.
Edit /etc/ldap.conf, the configuration file for nss_ldap and pam_ldap, to reflect your or-
ganization and search base. The file /etc/openldap/ldap.conf is the configuration file for
the command line tools like ldapsearch, ldapadd, etc., and it will also need to be edited for your
LDAP setup. Client machines will need to have both of these files modified.
Edit /etc/nsswitch.conf
To use nss_ldap, you'll need to add ldap to the appropriate fields in /etc/nsswitch.conf.
(Be very careful when editing this file; be sure that you know what you're doing.) For example:
passwd: files ldap
shadow: files ldap
group: files ldap
PAM and LDAP
To have standard PAM-enabled applications use LDAP for authentication, run authconfig and
select Use LDAP . (PAM is beyond the scope of this LDAP overview, so if you need help, consult
Chapter 7, Pluggable Authentication Modules (PAM) and the PAM man pages.)
openldap, openl-
255