From a4f77aad7bdaad80c62f4e6d0190c0149b9b080a Mon Sep 17 00:00:00 2001 From: Martin Goik <goik@hdm-stuttgart.de> Date: Wed, 16 May 2018 17:17:26 +0200 Subject: [PATCH] Choosing libpam-ldapd in favour of libpam-ldap --- Doc/Sdi/ldap.xml | 59 +++++++++++++++++++++++++++++++----------------- 1 file changed, 38 insertions(+), 21 deletions(-) diff --git a/Doc/Sdi/ldap.xml b/Doc/Sdi/ldap.xml index f075351c8..ba5cc2dae 100644 --- a/Doc/Sdi/ldap.xml +++ b/Doc/Sdi/ldap.xml 
@@ -726,31 +726,48 @@ olcModulePath: /usr/lib/ldap</programlisting> <para>Configure your second VM (the one without <xref linkend="glo_LDAP"/> Server) to allow for user login purely based on - <xref linkend="glo_LDAP"/>. Activation of OS level <xref - linkend="glo_LDAP"/> user and group support is being outlined in <link - xlink:href="https://wiki.debian.org/LDAP/PAM">Configuring LDAP - Authentication</link>.</para> + <xref linkend="glo_LDAP"/>.</para> - <tip> - <para>All user information (<property>uid</property>, common name, - numerical id, group information ...) will reside on your <xref - linkend="glo_LDAP"/> Server rather than locally in - <filename>/etc/passwd</filename>, <filename>/etc/group</filename> and - <filename>/etc/shadow</filename>. Create the required user home - directory manually.</para> - - <para>On successful configuration corresponding to a <xref - linkend="glo_LDAP"/> user <property>ldaptest</property> you should see - the following</para> - - <screen>$ id ldaptest + <itemizedlist> + <listitem> + <para>Activation of OS level <xref linkend="glo_LDAP"/> user and + group support is being outlined in <link + xlink:href="https://wiki.debian.org/LDAP/PAM">Configuring LDAP + Authentication</link>.</para> + </listitem> + + <listitem> + <para>Follow the »newer« <link + xlink:href="https://wiki.debian.org/LDAP/PAM#PAM_Setup_with_libpam-ldapd">PAM + Setup with libpam-ldapd approach</link> rather than using the older + <package>libpam-ldap</package> package.</para> + </listitem> + + <listitem> + <para>First step will allow for viewing user meta data on the client + side:</para> + + <screen>$ id ldaptest uid=1001(ldaptest) gid=1001(ldaptest) groups=1001(ldaptest)</screen> - <para>A <quote>id: ‘ldaptest’: no such user</quote> message indicates - your <xref linkend="glo_LDAP"/> setup does not yet work.</para> + <para>A <quote>id: ‘ldaptest’: no such user</quote> message + indicates your <xref linkend="glo_LDAP"/> setup does not yet + work.</para> + 
</listitem> + + <listitem> + <para>Create the required user home directory manually and change + owner and group accordingly.</para> + </listitem> + </itemizedlist> - <para>After this continue to configure password based user login based - on <xref linkend="glo_LDAP"/> credentials.</para> + <tip> + <para><xref linkend="glo_LDAP"/> user information + (<property>uid</property>, common name, numerical id, group + information ...) will reside on your <xref linkend="glo_LDAP"/> Server + rather than locally in <filename>/etc/passwd</filename>, + <filename>/etc/group</filename> and <filename>/etc/shadow</filename>. + </para> </tip> </section> -- GitLab
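Review bot: The new itemizedlist labels the `id ldaptest` check as "First step" but no later item names what follows, because the removed paragraph "After this continue to configure password based user login based on <xref linkend="glo_LDAP"/> credentials." has no replacement among the added lines. The section's stated goal is still login purely based on LDAP, so I would add a final listitem after the home directory item that restores that instruction, otherwise a reader can stop once `id` resolves the user and never exercise authentication. In the home directory item, "change owner and group accordingly" would be clearer if it named the uid and gid shown in the `id ldaptest` output above it. Smaller points in the same hunk: »newer« should use the <quote> element, as the "no such user" message two items later does; "is being outlined" reads better as "is outlined"; and the rewritten tip leaves a stray space and line break between "<filename>/etc/shadow</filename>." and "</para>".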