how to install ldap client on ubuntu

How to Configure LDAP Client for Ubuntu

LDAP (Lightweight Directory Access Protocol) allows applications to quickly authenticate users and control their directory access. It is used by many organizations around the world. It uses a client-server architecture whereby LDAP clients send user information to the server for authentication and access. The server response determines whether the said user is authenticated and has access or not. In this article, we will learn how to configure LDAP client for Ubuntu. You can use these steps for Ubuntu 16.04 and above.


How to Configure LDAP Client for Ubuntu

Here are the steps to configure LDAP client for Ubuntu. We have assumed that you have configured LDAP server on another system and you want to install LDAP client on your system. The client will communicate with the server. We have also assumed that you have added user accounts to your LDAP server.


1. Add LDAP Server’s Address

First, we need to add your LDAP server’s address to your /etc/hosts file. For this purpose, open terminal and run the following command to open /etc/hosts.

$ sudo vi /etc/hosts

Let us say your LDAP server’s address is ldap.example.com and it is located at 54.43.32.21. Add the following line to your /etc/hosts file.

54.43.32.21 ldap.example.com

Save and close the file.


2. Install LDAP Client Utilities

Run the following command to install LDAP client utilities on your system.

$ sudo apt -y install libnss-ldap libpam-ldap ldap-utils


3. Configure LDAP client

When you run the above command, you will see the following screen asking you to set LDAP URI. You can set it to the IP address or hostname of your LDAP server.

configure ldap client in ubuntu

Next, set a distinguished name for your search base.

configure ldap client in ubuntu step 2

Next, select LDAP version. We will select version 3.

configure ldap client in ubuntu step 3

Next, select Yes to Make Local root database admin.

configure ldap client in ubuntu step 4

Next, select No to Does LDAP database require login.

configure ldap client in ubuntu step 5

Next, set LDAP account for root by entering cn=admin,cd=example,cn=com

configure ldap client in ubuntu step 6

Next, provide LDAP root account password.

configure ldap client in ubuntu step 7

This will proceed with installation.

After installation is complete, edit /etc/nsswitch.conf and ldap authentication to passwd and group lines.

passwd: compat systemd ldap
group: compat systemd ldap
shadow: compat

Next, modify /etc/pam.d/common-password. Remove use_authtok on line 26 so that it looks like

password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass

Save and close the file. Add the following line to the end of /etc/pam.d/common-session to enable creation of home directory on first login.

session optional pam_mkhomedir.so skel=/etc/skel umask=077

Save and close the file.


4. Test Installation

Switch to a user account on LDAP to test the installation.

# sudo su - test_user
Creating directory '/home/test_user'.
$ id
uid=10000(test_user) gid=10000(sysadmins) groups=10000(sysadmins)

In this article, we have learnt how to configure LDAP client in Ubuntu. If you are looking to install LDAP server also, you can refer to our tutorial here.

Also read:

How to Copy File to Clipboard in Ubuntu
How to Assign Command Output to Variable in Shell Script
How to Disable Package Updates in Yum/Dnf
How to Group By Multiple Columns in Python Pandas
How to Access Environment Variables in Python

Leave a Reply

Your email address will not be published.