How to enable LDAP authentication on CentOS 6.4

It seems that between 6.3 & 6.4, the LDAP authentication isn’t exactly plug-n-play when it comes to configuration. This is how I did it:

Enable LDAP Auth on CentOS Server 6.4
* install sssd: yum -y install sssd
* authconfig –enablesssd –enablesssdauth –enablelocauthorize –update
* edit /etc/sssd/sssd.conf, add the following in each group (with ldap-server renamed to your ldap server’s name/IP):

[domain/default]
ldap_tls_reqcert = never
ldap_schema = rfc2307bis
ldap_group_member = uniquemember
ldap_chpass_uri = ldap:ldap-server
krb5_kdcip = kerberos.example.com
entry_cache_timeout = 600
ldap_network_timeout = 3
ldap_access_filter = (&(objectclass=shadowaccount)(objectclass=posixaccount))
[nss]
filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd

* Restart sssd: service sssd restart
* Test by running “id ” (i.e. “id dlund”)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s