This assumes you've created a user in LDAP. Let's say you've created user JohnDoe in example.com.

Install the following packages on Red Hat distribution, such as Red Hat, CentOS, or Fedora, that you want to configure to use LDAP authentication.

yum install openldap-clients
yum install nss-pam-ldapd

Use the authconfig command to configure your system to use your LDAP server. In this example, LDAP (non-secure is being used), not LDAPS (secured).

authconfig --enableldap --enableldapauth --ldapserver="ldap.example.com" --ldapbasedn="dc=example,dc=com" --update

To reduce complexity, disable SSS as an authentication mechanism.

authconfig --disablesssd --update

The above commands would have updated /etc/nslcd.conf to have the following.

uri ldap://example.com/
base dc=example,dc=com

Ensure the changes have been properly set.

authconfig --test | grep -i ldap

nss_ldap is enabled
 LDAP+TLS is disabled
 LDAP server = "ldap.example.com"
 LDAP base DN = "dc=example,dc=com"

pam_ldap is enabled
 LDAP+TLS is disabled
 LDAP server = "ldap.example.com"
 LDAP base DN = "dc=example,dc=com"
 LDAP schema = "rfc2307"

Ensure LDAP port 389 is open in iptables or firewalld. 

The ldapsearch command can be used to query your LDAP database. 

Update /etc/nssswitch.conf to use ldap.

passwd: files ldap
group:  files ldap
shadow: files ldap

The ps command can be used to determine if your system is using init or systemd. If PID 1 is init, then you will use the service command. If PID 1 is systemd, then you will use the systemctl command.

If your system is using systemd, use the systemctl command to restart and enable Name Service LDAP Client Daemon (nslcd).

systemctl enable nslcd
systemctl restart nslcd
systemctl status nslcd

If your system is using init, use the chkconfig and service commands to restart and enable Name Service LDAP Client Daemon (nslcd).

chkconfig nslcd on
service nslcd restart
service nslcd status

The getent command can be used to see that you are able to get an LDAP user, but the user is not in the local /etc/passwd or /etc/shadow files.

getent passwd JohnDoe

JohnDoe:x:1001:1001:JohnDoe:/home/JohnDoe:/bin/bash

getent shadow JohnDoe

JohnDoe:*::0:99999:7:::0

You should also be able to authenticate on the client using your LDAP user.

su - JohnDoe

Mount home directory

When switching to JohnDoe on a client PC, the client PC will not have a home directory for John Doe, such as /home/JohnDoe. To resolve this, share /home/JohnDoe on the LDAP server using AutoFS.