Table of Contents
Advertisement
with the command getent passwd. The returned set should contain a survey of the
local users of your system as well as all users stored on the LDAP server.
To prevent regular users managed through LDAP from logging in to the server with
ssh or login, the files /etc/passwd and /etc/group each need to include an
additional line. This is the line +::::::/sbin/nologin in /etc/passwd and
+::: in /etc/group.
36.6.2 Configuring the LDAP Client
After the initial adjustments of nss_ldap, pam_ldap, /etc/passwd, and /etc/
group have been taken care of by YaST, you can simply connect your client to the
server and let YaST manage users over LDAP. This basic setup is described in
Section
"Basic Configuration"
(page 683).
Use the YaST LDAP client to further configure the YaST group and user configuration
modules. This includes manipulating the default settings for new users and groups and
the number and nature of the attributes assigned to a user or a group. LDAP user man-
agement allows you to assign far more and different attributes to users and groups than
traditional user or group management solutions. This is described in
Section "Config-
uring the YaST Group and User Administration Modules"
(page 687).
Basic Configuration
The basic LDAP client configuration dialog
(Figure 36.3, "YaST: Configuration of the
LDAP Client"
(page 684)) opens during installation if you choose LDAP user manage-
ment or when you select Network Services > LDAP Client in the YaST Control Center
in the installed system.
LDAP—A Directory Service
683
Advertisement
Table of Contents
Troubleshooting
