
Install the following package on the Debian-based distribution (such as Ubuntu, Mint, or Debian) that you want to configure to use LDAP authentication.
~]# apt-get install libnss-ldapd
At the first prompt, enter the hostname or IP address of the LDAP server.
At the next prompt, enter the hostname of the LDAP server again, this time in a different format.
At the next prompt, select the services you want LDAP to support. In this example, the only service selected is passwd, which means that LDAP will only be used to sign in to the client Linux system as a user on the LDAP server. This adds ldap to the passwd line in the /etc/nsswitch.conf file.
Ensure LDAP port 389 is open in iptables or firewalld.
Ensure the name service LDAP connection daemon is running.
~]# service nslcd status
* nslcd running
The getent passwd command should now display all of your local user accounts in /etc/passwd and all of the users on the LDAP server. In this example, Bush and Clinton are local user accounts, and Reagan and Clinton are users on the LDAP server.
~]# getent passwd
bush:x:1005:1006::/home/ford:/bin/bash
obama:x:1006:1007::/home/carter:/bin/bash
reagan:x:::::
clinton:x:::::
You should now be able to query your LDAP user. First, install the LDAP utilities package.
~]# apt-get install ldap-utils
Then, use the ldapsearch command to search for a user on the LDAP server.
You should also be able to authenticate on the client using your LDAP user.
~]# su - JohnDoe
The getent command can be used to see that you are able to get an LDAP user, but the user is not in the local /etc/passwd file.
~]# getent passwd JohnDoe
JohnDoe:x:1001:1001:JohnDoe:/home/JohnDoe:/bin/bash
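As an added example (not part of the original article), the shell functions below check the two settings this procedure depends on: that the passwd line in nsswitch.conf lists ldap, and whether nslcd.conf protects the connection with StartTLS or LDAPS, since traffic on port 389 is unencrypted unless StartTLS is enabled. The function names and the sample files using ldap.example.com are constructed for illustration; on a real client, pass /etc/nsswitch.conf and /etc/nslcd.conf instead.

```shell
#!/bin/sh
# Added example (not from the original page): audit an LDAP client's settings.

# Succeeds if database $2 (e.g. passwd) in nsswitch.conf file $1 lists "ldap".
nss_uses_ldap() {
    awk -v db="$2:" '
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit !found }' "$1"
}

# Prints how nslcd.conf file $1 protects the connection:
# starttls, ldaps, cleartext, or unknown (no ldap:// or ldaps:// uri found).
nslcd_transport() {
    awk '
        tolower($1) == "uri" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^ldaps:\/\//) ldaps++
                else if ($i ~ /^ldap:\/\//) plain++
            }
        }
        tolower($1) == "ssl" { ssl = tolower($2) }
        END {
            if (ssl == "start_tls") print "starttls"
            else if (ssl == "on" || (ldaps && !plain)) print "ldaps"
            else if (plain) print "cleartext"
            else print "unknown"
        }' "$1"
}

# Reports both checks; returns non-zero if either one fails.
audit_ldap_client() {
    rc=0
    if nss_uses_ldap "$1" passwd; then echo "OK   passwd lookups use ldap"
    else echo "FAIL passwd line in $1 has no ldap source"; rc=1; fi
    t=$(nslcd_transport "$2")
    case $t in
        starttls|ldaps) echo "OK   nslcd transport: $t" ;;
        *) echo "WARN nslcd transport: $t (TLS not confirmed)"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample files standing in for /etc/nsswitch.conf and /etc/nslcd.conf.
tmp=$(mktemp -d)
printf 'passwd: files ldap\ngroup: files\n' > "$tmp/nsswitch.conf"
printf 'uri ldap://ldap.example.com/\nbase dc=example,dc=com\n' > "$tmp/nslcd.conf"
audit_ldap_client "$tmp/nsswitch.conf" "$tmp/nslcd.conf" || true
rm -rf "$tmp"
```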
Mount home directory
When switching to JohnDoe on a client PC, the client PC will not have a home directory for John Doe, such as /home/JohnDoe. To resolve this, share /home/JohnDoe on the LDAP server using AutoFS.