Install the following package on Debian distribution, such as Ubuntu, Mint, or Debian, that you want to configure to use LDAP authentication.
~]# apt-get install libnss-ldapd
At the first prompt, enter the hostname or IP address of the LDAP server.
At the next prompt, enter the hostname of the LDAP server again, this time, in a different format.
At the next prompt, select the services you want LDAP to support. In this example, the only service selected is passwd, which means that LDAP will only be used to be able to sign into the client Linux system as a user on the LDAP server. This adds ldap to the passwd line in the /etc/nsswitch.conf file.
Ensure the name service LDAP connection daemon is running.
~]# service nslcd status * nslcd running
The getent passwd command should now display all of your local user accounts in /etc/passwd and all of the users on the LDAP server. In this example, Bush and Clinton are local user accounts, and Reagan and Clinton are users on the LDAP server.
~]# getent passwd bush:x:1005:1006::/home/ford:/bin/bash obama:x:1006:1007::/home/carter:/bin/bash reagan:x::::: clinton:x:::::
You should now be able to query your LDAP user. First, install the LDAP utilities package.
~]# apt-get install ldap-utils
Then, search for a user on the LDAP server.
~]# ldapsearch -x -D "cn=JohnDoe,dc=example,dc=com" -w password -h ldap.example.com -p 389 -b "dc=example,dc=com"
You should also be able to authenticate on the client using your LDAP user.
~]# su - JohnDoe
The getent command can be used to see that you are able to get an LDAP user, but the user is not in the local /etc/passwd file.
~]# getent passwd JohnDoe JohnDoe:x:1001:1001:JohnDoe:/home/JohnDoe:/bin/bash
Mount home directory
When switching to JohnDoe on a client PC, the client PC will not have a home directory for John Doe, such as /home/JohnDoe. To resolve this, share /home/JohnDoe on the LDAP server using AutoFS.