Basic Configuration - Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION Installation Manual

with the command getent passwd. The returned set should contain a survey of the
local users of your system as well as all users stored on the LDAP server.
To prevent regular users managed through LDAP from logging in to the server with
ssh or login, the files /etc/passwd and /etc/group each need to include an
additional line. This is the line +::::::/sbin/nologin in /etc/passwd and
+::: in /etc/group.
36.6.2 Configuring the LDAP Client
After the initial adjustments of nss_ldap, pam_ldap, /etc/passwd, and /etc/
group have been taken care of by YaST, you can simply connect your client to the
server and let YaST manage users over LDAP. This basic setup is described in Section
"Basic Configuration" (page 690).
Use the YaST LDAP client to further configure the YaST group and user configuration
modules. This includes manipulating the default settings for new users and groups and
the number and nature of the attributes assigned to a user or a group. LDAP user man-
agement allows you to assign far more and different attributes to users and groups than
traditional user or group management solutions. This is described in Section "Config-
uring the YaST Group and User Administration Modules" (page 694).

Basic Configuration

The basic LDAP client configuration dialog (Figure 36.3, "YaST: Configuration of the
LDAP Client" (page 691)) opens during installation if you choose LDAP user manage-
ment or when you select Network Services > LDAP Client in the YaST Control Center
in the installed system.
690 Installation and Administration