Setup Ubuntu For LDAP Authentication

First you must install all the needed packages:

apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db

As part of the install process you will have to answer questions such as ldap version, domain name, ip address of your ldap server.

Above and beyound the packages you need to configure some authentication and login system files

Edit /etc/nsswitch.conf

Change the file so that files ldap replaces compat.

#passwd: compat

passwd: files ldap

#group: compat

group: files ldap


If this is working correctly when you use this command:

getent passwd

You should see similar /etc/passwd like output: .
.
.
mike:x:1000:1000:mike,,,:/home/mike:/bin/bash
bob:x:112:124:bob:/home/bob:/bin/bash
sam:x:113:125:sam:/home/sam:/bin/bash


Edit /etc/pam.d/common-account

You will need to edit the file so you have these two lines.

account sufficient pam_ldap.so

account required pam_unix.so


Edit /etc/pam.d/common-auth

auth sufficient pam_ldap.so

auth required pam_unix.so nullok_secure use_first_pass


Edit /etc/pam.d/common-password

password sufficient pam_ldap.so

password required pam_unix.so nullok obscure min=4 max=8 md5


Your ubuntu box should now be set up for ldap authentication