• Centos6 ldap客户端


    [root@centos66-test1 ~]# yum remove `rpm -qa |grep sssd`
    [root@centos66-test1 ~]# yum install nss-pam-ldapd
    [root@centos66-test1 ~]# vim /etc/pam.d/password-auth
    #%PAM-1.0
    # This file is auto-generated.
    # User changes will be destroyed the next time authconfig is run.
    auth        required      pam_env.so
    auth        sufficient    pam_unix.so nullok try_first_pass
    auth        requisite     pam_succeed_if.so uid >= 500 quiet
    auth        sufficient    pam_ldap.so use_first_pass
    auth        required      pam_deny.so
    
    account     required      pam_unix.so broken_shadow
    account     sufficient    pam_localuser.so
    account     sufficient    pam_succeed_if.so uid < 500 quiet
    account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
    account     required      pam_permit.so
    
    password    requisite     pam_cracklib.so try_first_pass retry=5 minlen=8 lcredit=-1 dcredit=-1 ocredit=-1 enforce_for_root remember=5
    password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
    password    sufficient    pam_ldap.so use_authtok
    password    required      pam_deny.so
    
    session     optional      pam_keyinit.so revoke
    session     required      pam_limits.so
    session     optional      pam_oddjob_mkhomedir.so umask=0077
    session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
    session     required      pam_unix.so
    session     optional      pam_ldap.so
    
    [root@centos66-test1 ~]# vim /etc/pam.d/system-auth
    #%PAM-1.0
    # This file is auto-generated.
    # User changes will be destroyed the next time authconfig is run.
    auth        required      pam_env.so
    auth        sufficient    pam_fprintd.so
    auth        sufficient    pam_unix.so nullok try_first_pass
    auth        requisite     pam_succeed_if.so uid >= 500 quiet
    auth        sufficient    pam_ldap.so use_first_pass
    auth        required      pam_deny.so
    
    account     required      pam_unix.so broken_shadow
    account     sufficient    pam_localuser.so
    account     sufficient    pam_succeed_if.so uid < 500 quiet
    account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
    account     required      pam_permit.so
    
    password    requisite     pam_cracklib.so try_first_pass retry=5 minlen=8 lcredit=-1 dcredit=-1 ocredit=-1 enforce_for_root remember=5
    password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
    password    sufficient    pam_ldap.so use_authtok
    password    required      pam_deny.so
    
    session     optional      pam_keyinit.so revoke
    session     required      pam_limits.so
    session     optional      pam_oddjob_mkhomedir.so umask=0077
    session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
    session     required      pam_unix.so
    session     optional      pam_ldap.so
    
    [root@centos66-test1 ~]# authconfig-tui
    
    
    
    [root@centos66-test1 ~]# authconfig-tui
    Starting oddjobd:                                          [  OK  ]
    Starting nslcd:                                            [  OK  ]
    
    测试: 
    (1id "username"   #用ldap中的实际用户名替换username
    (2)su和ssh测试
  • 相关阅读:
    词频统计
    时事点评-红芯浏览器事件
    我的第一篇博客
    浏览器同源策略,及跨域解决方案
    进击的 JavaScript (八) 之 继承
    进击的 JavaScript (七) 之 原型链
    进击的 JavaScript(五) 之 立即执行函数与闭包
    进击的 JavaScript(六) 之 this
    进击的 JavaScript(四) 之 闭包
    进击的 JavaScript(三) 之 函数执行过程
  • 原文地址:https://www.cnblogs.com/lingfenglian/p/12768384.html
Copyright © 2020-2023  润新知