[root@kvm4 ~]# yum install {openldap,openldap-clients,nss-pam-ldapd}
1. ldap server: deyu.wang 2. base dn: dc=deyu,dc=wang 3. 認證證書: ftp://deyu.wang/pub/cacert.pem 4. 帳號: ldapuser1 5. 密碼: 123
[root@kvmr4 ~]# authconfig --help | grep ldap --enableldap enable LDAP for user information by default --disableldap disable LDAP for user information by default --enableldapauth enable LDAP for authentication by default --disableldapauth disable LDAP for authentication by default --ldapserver=<server> --ldapbasedn=<dn> default LDAP base DN --enableldaptls, --enableldapstarttls --disableldaptls, --disableldapstarttls --ldaploadcacert=<URL> [root@kvm4 ~]# authconfig --enableldap --enableldapauth \ --ldapserver=deyu.wang --ldapbasedn="dc=deyu,dc=wang" --enableldaptls --enableldapstarttls \ --ldaploadcacert=ftp://deyu.wang/pub/cacert.pem --update
[root@kvm4 ~]# getent passwd ldapuser1 ldapuser1:{SSHA}HAvRpYe5TR88asauGqYtoCFzT7qHYqjP:1001:1001:ldapuser1:/home/guests/ldapuser1:/bin/bash
[root@kvm4 ~]# su - ldapuser1 su: warning: cannot change directory to /home/guests/ldapuser1: No such file or directory -bash-4.1$
[root@kvm4 ~]# getent passwd ldapuser1 ldapuser1:{SSHA}HAvRpYe5TR88asauGqYtoCFzT7qHYqjP:1001:1001:ldapuser1:/home/guests/ldapuser1:/bin/bash [root@kvm4 ~]# su - ldapuser1 [ldapuser1@kvm4 ~]$ pwd /home/guests/ldapuser1
[root@kvm4 cacerts]# system-config-authentication 1. Under, "User account database" select LDAP 2. For "base DN", enter 'dc=deyu,dc=wang' 3. For "LDAP Server", enter 'ldap://deyu.wang' 4. Click "Download certificate" and use ftp://deyu.wang/pub/cacert.pem 5. Leave TLS *UNCHECKED* 6. Under "Authentication Method", select LDAP 7. Select Apply and complete firstboot setup