Up to now I didn’t have the necessity to communicate encrypted in our network at school.
So my own little LDAP-Setup was really simple but sufficient.
With NethServer it seems to me that LDAP communication is encrypted by default. I saw in the manual that it can be disabled - ok, but why should I? It’s ok if it’s preinstalled like that …
but … I want to authenticate Ubuntu clients (and Mint) against the LDAP and I didn’t find a really
detailed tutorial on how to do that. Much of the online stuff is years old and many of the HowTos stop right before the part where the CLIENT side is explained. Does anybody have a good source for me?
( … unfortunately I haven’t got the time to read all the relevant RFCs … )
I’ve no experience on Linux workstations as LDAP clients. Sadly it seems the majority of people want MS!
However, I see that what you’re describing is quite popular in educational environments. Let me know if you find a good tutorial for the client part. For NethServer I’ll be happy to help.
Usually (Ubuntu clients, either real or LTSP ones) I join clients to the NS domain.
AFAICS there’s no documentation ready… you can find something useful on http://wiki.contribs.org/Client_Authentication
HTH
Up to now I was able to authenticate my clients against the LDAP of NethServer.
Looking back, it was no big deal …
My major problem was the missing NFS server on the NethServer. I am not good enough with
CentOS and the NethServer firewall, … to get an NFS server running.
My way around was to install a separate machine as NFS server that authenticates against the LDAP, too.
The home directories are now located on this NFS server and I don’t use those on NethServer …
That is no perfect solution, I know - but for me it’s ok.
As soon as I’ve got it really working, I will write a small guide …
I basically googled NFS on CentOS to find some guides to set it up. Then I troubleshot it to get it to work with NethServer. I followed the development guide to add the NFS-specific services and proper ports to NethServer (there are a lot used by NFS).
OK - I tried, too. But I never knew exactly where my settings would interfere with those of NethServer.
For example, the service never showed up in the web GUI. I never was really sure if the firewalling was configured correctly …
Unfortunately I did not have the time to solve all the “little” problems along the way with my level of knowledge. It would be great if you could sum up your steps, too.
And as I wrote, I normally use Debian-like systems - and switching over to CentOS is a question of time …
The services rpcgssd and rpcsvcgssd always report as ‘Stopped’ on the services tab. They only run when required. There are of course all of the configuration files you’ll need to set up for NFS as well. That’s where Google becomes your friend. To make it easier to test, you should stop the firewall while setting it up and making the connection first, just to prove that you are able to get it to connect. Then start the firewall and see what happens. I did that a number of times while stopping and starting the NFS services and rebooting the server, just so that I know they connect if anything were to happen. If you start the NFS service and connect to it and then start the firewall, the connection may remain until the NFS service is restarted.
In the end I still had some issues while getting the servers to connect, so I added each server in the other’s firewall and allowed all communication between them. I believe I was missing a number of ports that were required and didn’t have the time to hunt them all down.
[1]: http://docs.nethserver.org/projects/nethserver-devel/en/latest/services.html