I need to set up a network of twenty Ubuntu machines and a server. As it is now, the users have local accounts on the machines, but I want to have centralized user authentication, with all user info stored on the server, and with server-side home directories. So when a user logs in on any of the client computers, his username and password should be checked on the server, and then his home directory should be mounted from the server via NFS or something.
How do I do this? Which is the best way?
Best Answer
I've run something like this in the past. LDAP is your best bet for centralized accounts. This is reasonably standard, and should be easy to set up. The client is merely a matter of installing a few packages (ldap-utils, libnss-ldap, and libpam-ldap), and editing /etc/pam.d/common-(everything). You'll need to add a line like
As well as this, you'll have to edit /etc/nsswitch.conf, to add ldap at the end of shadow, group, and passwd.
The server is somewhat more complicated. This seems to include a relatively up to date example of how to set it up. The OpenLDAP docs are also well worth reading.
For homedirs, you'll want to use NFS. Depending on whether you need them unmounted when users are not logged in, you may want to use the automounter (autofs). I've never used this, so I can't tell you where you're going to run into trouble there, but working without it should be perfectly doable, and will give you much the same effect, with a far less complicated setup.