reserves:serveurs

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentes Révision précédente
Prochaine révision		 Révision précédente
reserves:serveurs [2019/10/09 10:41] – [Installation avec montage NFS] chabrolreserves:serveurs [2019/10/09 10:44] (Version actuelle) – [Installation avec montage NFS] chabrol
Ligne 182: Ligne 182:
 automount:      files ldap automount:      files ldap
 </Code> </Code>
 +
 +On exécute la commande ''auth-client-config -t nss -p lac_ldap''
 +
 +Modification du fichier ''/etc/nslcd.conf''
 +<Code>
 +# /etc/nslcd.conf
 +# nslcd configuration file. See nslcd.conf(5)
 +# for details.
 +
 +# The user and group nslcd should run as.
 +uid nslcd
 +gid nslcd
 +
 +# The location at which the LDAP server(s) should be reachable.
 +uri ldap://ldap.i2m.univ-amu.fr
 +
 +# The search base that will be used for all queries.
 +base dc=i2m,dc=univ-amu,dc=fr
 +
 +# The LDAP protocol version to use.
 +ldap_version 3
 +
 +# The DN to bind with for normal lookups.
 +#binddn cn=annonymous,dc=example,dc=net
 +#bindpw secret
 +
 +# The DN used for password modifications by root.
 +#rootpwmoddn cn=admin,dc=example,dc=com
 +
 +# SSL options
 +ssl start_tls
 +tls_reqcert allow
 +tls_cacertfile /etc/ssl/certs/ca-certificates.crt
 +
 +# The search scope.
 +#scope sub
 +</Code>
 +
 +On redémarre les services nslcd et nscd : ''service nslcd restart'' & ''service nscd restart''
 +
 +On lance la commande ''pam-auth-update''
 +
 +On modifie le fichier ''/etc/pam.d/common-session''
 +<Code>
 +#
 +# /etc/pam.d/common-session - session-related modules common to all services
 +#
 +# This file is included from other service-specific PAM config files,
 +# and should contain a list of modules that define tasks to be performed
 +# at the start and end of sessions of *any* kind (both interactive and
 +# non-interactive).
 +#
 +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
 +# To take advantage of this, it is recommended that you configure any
 +# local modules either before or after the default block, and use
 +# pam-auth-update to manage selection of other modules.  See
 +# pam-auth-update(8) for details.
 +
 +# here are the per-package modules (the "Primary" block)
 +session [default=1]                     pam_permit.so
 +# here's the fallback if no module succeeds
 +session requisite                       pam_deny.so
 +# prime the stack with a positive return value if there isn't one already;
 +# this avoids us returning an error just because nothing sets a success code
 +# since the modules above will each just jump around
 +session required                        pam_permit.so
 +# The pam_umask module will set the umask according to the system default in
 +# /etc/login.defs and user settings, solving the problem of different
 +# umask settings with different shells, display managers, remote sessions etc.
 +# See "man pam_umask".
 +session optional                        pam_umask.so
 +# and here are more per-package modules (the "Additional" block)
 +session required        pam_unix.so
 +session optional        pam_mount.so
 +session [success=ok default=ignore]     pam_ldap.so minimum_uid=1000
 +session optional        pam_systemd.so
 +# end of pam-auth-update config
 +</Code>
 +
  • reserves/serveurs.1570610496.txt.gz
  • Dernière modification : 2019/10/09 10:41
  • de chabrol