Consulting services
Implementing, installing and supporting open source applications in your environment email consulting

LDAP Guide

      BSD LDAP configuration

      1. Install Packages
      2. BSD 5.x System Settings
      3. System Authenticaton
      4. BSD PAM modules
      5. Automounting Home Directories.
      6. Changing your password.

      1. Install Packages
      packages to install
      a. openldap-client-x.xx Open source LDAP client implementation .
      b.      RFC 2307 NSS module
      cd /usr/ports/net/nss_ldap
      c. pam_ldap-x.x.x      A pam module for authenticating with LDAP
      cd /usr/ports/security/pam_ldap/
      make install clean ( if you build this port first, the following ports will also be installed
      - gettext-0.16.1_3    GNU gettext package
      - gmake-3.81_2        GNU version of 'make' utility
      - libiconv-1.11_1     A character set conversion library
      - libtool-1.5.24      Generic shared library support script
      - openldap-client-2.3.40 Open source LDAP client implementation
      - pam_ldap-1.8.4      A pam module for authenticating with LDAP

      2. BSD 5.x System Settings
      BSD system uses /etc/ldap.conf
      pam_ldap uses /usr/local/etc/ldap.conf
      nss_ldap usees /usr/local/etc/nss_ldap.conf

      +Create a symlink for /etc/ldap.conf pointing to /usr/local/etc/ldap.conf
      ln -s /usr/local/etc/ldap.conf /etc/ldap.conf

      6.x Systems Settings
      1. cd  /usr/locatl/etc
      - create config file
      cp nss_ldap.conf.sample nss_ldap.conf
      - created ldap config file
      cp ldap.conf.dist

      Configuration parametets (Minimal) /usr/local/etc/nss_ldap.con and /usr/local/etc/ldap.conf
      1. host 
      2. Distinguished name base 

      Openldap cleint uses /usr/local/etc/openldap/ldap.conf as it's configuration file
      change the BASE and URI value to reflect your domain. commands that use this conf file are

      3. System Authentication
      edit /etc/nsswitch.conf to look the settings below. - (File can be downloaded from current directory)

      passwd:	files ldap
      group:	files ldap
      shells: 	files ldap

      authenticate first from local system settings and then from LDAP directory

      4. BSD PAM modules
      PAM modules are located in /etc/pam.d directory
      add the following line before each "auth required section" in the files mentioned below.
      ------ 	auth	sufficient	/usr/local/lib/	no_warn try_first_pass	---------
      username password sent to Ldap directory.

      -system file
      allows users to su to another login name as well as becoming root(users must exist in the wheel group)

      allows your ldap account to login from the console

      Adding the line above will enable LDAP authentication for that application

      5. Automounting Directory
      1. As root create		 /.amd_mnt
      2. start mountd manually 	 mountd -r
      3. Turn on rpcbind
      4.. start amd manually enter the following command -  amd -a /.amd_mnt -l syslog /host /etc/ /net/ /etc/
      5. To have these feautures start up automatically enter the follwoing settings in /etc/rc.conf
Open Site Solutions

Informing about integrators, hardware and Open Source applications that can be used as alternatives to commercial properiertary software. Open source solutions are comprised of different software applications bundled together to create a unique and most times better solution than commercial software.

Open Source software

Open source is not freeware or shareware. Open Source software is built from a community of developers committed to a common goal who then make the source code and program available to download allowing modifications and contributions back into the source code.