Merge branch 'master' of gitlab.mi.hdm-stuttgart.de:goik/GoikLectures

a9331ce4 · Goik Martin · d8eca575 · a4f77aad · a9331ce4
Commit a9331ce4 authored 6 years ago by Goik Martin
--- a/Doc/Sdi/ldap.xml
+++ b/Doc/Sdi/ldap.xml
@@ -726,31 +726,48 @@ olcModulePath: /usr/lib/ldap</programlisting>

      <para>Configure your second VM (the one without <xref
      linkend="glo_LDAP"/> Server) to allow for user login purely based on
-      <xref linkend="glo_LDAP"/>. Activation of OS level <xref
-      linkend="glo_LDAP"/> user and group support is being outlined in <link
-      xlink:href="https://wiki.debian.org/LDAP/PAM">Configuring LDAP
-      Authentication</link>.</para>
+      <xref linkend="glo_LDAP"/>.</para>

-      <tip>
-        <para>All user information (<property>uid</property>, common name,
-        numerical id, group information ...) will reside on your <xref
-        linkend="glo_LDAP"/> Server rather than locally in
-        <filename>/etc/passwd</filename>, <filename>/etc/group</filename> and
-        <filename>/etc/shadow</filename>. Create the required user home
-        directory manually.</para>
-
-        <para>On successful configuration corresponding to a <xref
-        linkend="glo_LDAP"/> user <property>ldaptest</property> you should see
-        the following</para>
-
-        <screen>$ id ldaptest
+      <itemizedlist>
+        <listitem>
+          <para>Activation of OS level <xref linkend="glo_LDAP"/> user and
+          group support is being outlined in <link
+          xlink:href="https://wiki.debian.org/LDAP/PAM">Configuring LDAP
+          Authentication</link>.</para>
+        </listitem>
+
+        <listitem>
+          <para>Follow the »newer« <link
+          xlink:href="https://wiki.debian.org/LDAP/PAM#PAM_Setup_with_libpam-ldapd">PAM
+          Setup with libpam-ldapd approach</link> rather than using the older
+          <package>libpam-ldap</package> package.</para>
+        </listitem>
+
+        <listitem>
+          <para>First step will allow for viewing user meta data on the client
+          side:</para>
+
+          <screen>$ id ldaptest
 uid=1001(ldaptest) gid=1001(ldaptest) groups=1001(ldaptest)</screen>

-        <para>A <quote>id: ‘ldaptest’: no such user</quote> message indicates
-        your <xref linkend="glo_LDAP"/> setup does not yet work.</para>
+          <para>A <quote>id: ‘ldaptest’: no such user</quote> message
+          indicates your <xref linkend="glo_LDAP"/> setup does not yet
+          work.</para>
+        </listitem>
+
+        <listitem>
+          <para>Create the required user home directory manually and change
+          owner and group accordingly.</para>
+        </listitem>
+      </itemizedlist>

-        <para>After this continue to configure password based user login based
-        on <xref linkend="glo_LDAP"/> credentials.</para>
+      <tip>
+        <para><xref linkend="glo_LDAP"/> user information
+        (<property>uid</property>, common name, numerical id, group
+        information ...) will reside on your <xref linkend="glo_LDAP"/> Server
+        rather than locally in <filename>/etc/passwd</filename>,
+        <filename>/etc/group</filename> and <filename>/etc/shadow</filename>.
+        </para>
      </tip>
    </section>