Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
client_ldap [2018/05/15 17:07] – maxime | client_ldap [2019/10/07 15:38] (Version actuelle) – chabrol | ||
---|---|---|---|
Ligne 3: | Ligne 3: | ||
==== Client sous Ubuntu 16.04 ==== | ==== Client sous Ubuntu 16.04 ==== | ||
- | * '' | + | <note important> |
- | | + | Pour cela, on utilise la commande : '' |
+ | |||
+ | Il ne faut pas crée le nouveau home, il est créé automatiquement.</ | ||
+ | | ||
+ | |||
+ | * Modification du fichier | ||
< | < | ||
# | # | ||
Ligne 43: | Ligne 48: | ||
</ | </ | ||
- | * ''/ | + | * Modification du fichier |
- | < | + | |
- | ### | + | |
- | ## | + | |
- | ## Configuration of this file will be managed by debconf as long as the | + | |
- | ## first line of the file says '### | + | |
- | ## | + | |
- | ## You should use dpkg-reconfigure to configure this file via debconf | + | |
- | ## | + | |
- | + | ||
- | # The distinguished name of the search base. | + | |
- | base dc=i2m, | + | |
- | + | ||
- | # Another way to specify your LDAP server is to provide an | + | |
- | uri ldap:// | + | |
- | + | ||
- | # The LDAP version to use (defaults to 3 | + | |
- | # if supported by client library) | + | |
- | ldap_version 3 | + | |
- | + | ||
- | # The port. | + | |
- | # Optional: default is 389. | + | |
- | #port 389 | + | |
- | + | ||
- | # Do not hash the password at all; presume | + | |
- | # the directory server will do it, if | + | |
- | # necessary. This is the default. | + | |
- | pam_password md5 | + | |
- | + | ||
- | # Netscape SDK LDAPS | + | |
- | #ssl on | + | |
- | + | ||
- | # OpenLDAP SSL mechanism | + | |
- | # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 | + | |
- | #ssl start_tls | + | |
- | #ssl on | + | |
- | + | ||
- | # OpenLDAP SSL options | + | |
- | # Require and verify server certificate (yes/no) | + | |
- | # Default is to use libldap' | + | |
- | # / | + | |
- | # OpenLDAP 2.0 and earlier is " | + | |
- | # | + | |
- | + | ||
- | # CA certificates for server certificate verification | + | |
- | # At least one of these are required if tls_checkpeer is " | + | |
- | # | + | |
- | # | + | |
- | + | ||
- | # Client certificate and key | + | |
- | # Use these, if your server requires client authentication. | + | |
- | #tls_cert | + | |
- | #tls_key | + | |
- | + | ||
- | # Disable SASL security layers. This is needed for AD. | + | |
- | # | + | |
- | + | ||
- | # Override the default Kerberos ticket cache location. | + | |
- | # | + | |
- | + | ||
- | # SASL mechanism for PAM authentication - use is experimental | + | |
- | # at present and does not support password policy control | + | |
- | # | + | |
- | </ | + | |
- | + | ||
- | * ''/ | + | |
< | < | ||
# | # | ||
Ligne 143: | Ligne 83: | ||
</ | </ | ||
- | * ''/ | + | * Modification du fichier |
< | < | ||
# | # | ||
Ligne 176: | Ligne 116: | ||
</ | </ | ||
- | * ''/ | + | * Modification du fichier |
< | < | ||
<?xml version=" | <?xml version=" | ||
Ligne 191: | Ligne 131: | ||
</ | </ | ||
- | * ''/ | + | * Modification du fichier |
< | < | ||
/ | / | ||
Ligne 221: | Ligne 161: | ||
</ | </ | ||
- | * '' | + | * On exécute la commande |
- | * ''/ | + | * Modification du fichier |
< | < | ||
# / | # / | ||
Ligne 258: | Ligne 198: | ||
</ | </ | ||
- | * '' | + | * On redémarre les services nslcd et nscd : '' |
- | * '' | + | * On lance la commande |
- | * '' | + | |
- | * ''/ | + | * On modifie le fichier |
< | < | ||
# | # | ||
Ligne 299: | Ligne 238: | ||
</ | </ | ||
- | * '' | + | * On récupère les certificats de protis et on les place dans le répertoire |
- | * '' | + | * On crée le répertoire : '' |
* Copie du certificat de protis ''/ | * Copie du certificat de protis ''/ | ||
- | * '' | + | * On redémarre autofs : '' |
+ | |||
+ | * Le fichier ''/ | ||
+ | < | ||
+ | ### | ||
+ | ## | ||
+ | ## Configuration of this file will be managed by debconf as long as the | ||
+ | ## first line of the file says '### | ||
+ | ## | ||
+ | ## You should use dpkg-reconfigure to configure this file via debconf | ||
+ | ## | ||
+ | |||
+ | # The distinguished name of the search base. | ||
+ | base dc=i2m, | ||
+ | |||
+ | # Another way to specify your LDAP server is to provide an | ||
+ | uri ldap:// | ||
+ | |||
+ | # The LDAP version to use (defaults to 3 | ||
+ | # if supported by client library) | ||
+ | ldap_version 3 | ||
+ | |||
+ | # The port. | ||
+ | # Optional: default is 389. | ||
+ | #port 389 | ||
+ | |||
+ | # Do not hash the password at all; presume | ||
+ | # the directory server will do it, if | ||
+ | # necessary. This is the default. | ||
+ | pam_password md5 | ||
+ | |||
+ | # Netscape SDK LDAPS | ||
+ | #ssl on | ||
+ | |||
+ | # OpenLDAP SSL mechanism | ||
+ | # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 | ||
+ | #ssl start_tls | ||
+ | #ssl on | ||
+ | |||
+ | # OpenLDAP SSL options | ||
+ | # Require and verify server certificate (yes/no) | ||
+ | # Default is to use libldap' | ||
+ | # / | ||
+ | # OpenLDAP 2.0 and earlier is " | ||
+ | # | ||
+ | |||
+ | # CA certificates for server certificate verification | ||
+ | # At least one of these are required if tls_checkpeer is " | ||
+ | # | ||
+ | # | ||
+ | |||
+ | # Client certificate and key | ||
+ | # Use these, if your server requires client authentication. | ||
+ | #tls_cert | ||
+ | #tls_key | ||
+ | |||
+ | # Disable SASL security layers. This is needed for AD. | ||
+ | # | ||
+ | |||
+ | # Override the default Kerberos ticket cache location. | ||
+ | # | ||
+ | |||
+ | # SASL mechanism for PAM authentication - use is experimental | ||
+ | # at present and does not support password policy control | ||
+ | # | ||
+ | </ | ||