During the last couple of days I have been using a lot of F-words while browsing the Internet for good documentation about how to set up an LDAP-server. So far I have found none, but plenty that are less than good, but better than bad. So I had to do it the usual Linux way: read, test, scream, read, test and scream.
My goals for the LDAP-server are:
- Install LDAP on a CentOS 6 minimal installation, both for server and clients.
- Install in the way that the developers of OpenLDAP intended.
- Install LDAP securely with LDAPS, iptables, SELinux etc. enabled.
- Use SSSD on the clients for the "authentication" connections to the LDAP-server.
This is the kind of question that I usually answer myself, but I would appreciate suggestions about how to do the installation even better.
Best Answer
Here are a couple of shell scripts that will install and configure openldap on a server and install and configure sssd for user authentication against the LDAP-server.
One that installs the LDAP-server with groups, users etc.
And one that installs sssd on the client, and connects to the LDAP-server.
Also provided are LDIF files that need to be placed in the same folder as the above scripts.
You will need to understand and edit the scripts before they are executed on your server. Among other things, you need to customize for your installation the things related to "syco.net", users, groups and passwords.