How to enable LDAP authentication on CentOS 6.4

It seems that between 6.3 & 6.4, the LDAP authentication isn’t exactly plug-n-play when it comes to configuration. This is how I did it:

Enable LDAP Auth on CentOS Server 6.4
* install sssd: yum -y install sssd
* authconfig –enablesssd –enablesssdauth –enablelocauthorize –update
* edit /etc/sssd/sssd.conf, add the following in each group (with ldap-server renamed to your ldap server’s name/IP):

ldap_tls_reqcert = never
ldap_schema = rfc2307bis
ldap_group_member = uniquemember
ldap_chpass_uri = ldap:ldap-server
krb5_kdcip =
entry_cache_timeout = 600
ldap_network_timeout = 3
ldap_access_filter = (&(objectclass=shadowaccount)(objectclass=posixaccount))
filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd

* Restart sssd: service sssd restart
* Test by running “id ” (i.e. “id dlund”)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.