/etc/ldap.conf
|
host 192.168.100.130
#base dn=Users,dc=servtec,dc=com,dc=br
binddn cn=uteste4,cn=Users,dc=servtec,dc=com,dc=br
bindpw copa98
scope sub
ssl no
nss_base_passwd cn=Users,dc=servtec,dc=com,dc=br?sub
nss_base_shadow cn=Users,dc=servtec,dc=com,dc=br?sub
nss_base_group cn=Users,dc=servtec,dc=com,dc=br?sub
nss_map_objectclass posixAccount User
nss_map_objectclass shadowAccount User
nss_map_attribute uid sAMAccountName
#nss_map_attribute uidNumber msSFUUidNumber
#nss_map_attribute gidNumber msSFUUidNumber
#nss_map_attribute loginShell msSFULoginShell
#nss_map_attribute gecos name
nss_map_attribute userPassword msSFUPassword
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute uniqueMember member
nss_map_attribute cn sAMAccountName
pam_login_attribute sAMAccountName
pam_filter objectclass=User
#pam_member_attribute msSFUPosixMember
#pam_groupdn cn=unixusergroup,dc=servtec,dc=com,dc=br
pam_password ad
|
|
/etc/ldap.conf
|
host 192.168.100.130
#base dn=Users,dc=servtec,dc=com,dc=br
binddn cn=uteste4,cn=Users,dc=servtec,dc=com,dc=br
bindpw copa98
scope sub
ssl no
nss_base_passwd cn=Users,dc=servtec,dc=com,dc=br?sub
nss_base_shadow cn=Users,dc=servtec,dc=com,dc=br?sub
nss_base_group cn=Users,dc=servtec,dc=com,dc=br?sub
nss_map_objectclass posixAccount User
nss_map_objectclass shadowAccount User
nss_map_attribute uid sAMAccountName
#nss_map_attribute uidNumber msSFUUidNumber
#nss_map_attribute gidNumber msSFUUidNumber
#nss_map_attribute loginShell msSFULoginShell
#nss_map_attribute gecos name
nss_map_attribute userPassword msSFUPassword
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute uniqueMember member
nss_map_attribute cn sAMAccountName
pam_login_attribute sAMAccountName
pam_filter objectclass=User
#pam_member_attribute msSFUPosixMember
#pam_groupdn cn=unixusergroup,dc=servtec,dc=com,dc=br
pam_password ad
|
|
/etc/nsswitch.conf
|
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#
compat
Use compatibility setup
#
nisplus
Use NIS+ (NIS version 3)
#
nis
Use NIS (NIS version 2), also called YP
#
dns
Use DNS (Domain Name Service)
#
files
Use the local files
#
db
Use the /var/db databases
# [NOTFOUND=return]
Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#
# passwd: files nis
# shadow: files nis
# group: files nis
passwd: files ldap
shadow: files ldap
group: files ldap
#passwd: compat
#group: compat
hosts: files lwres dns
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files nis
aliases: files
passwd_compat: ldap
group_compat: ldap
|
|
/etc/nsswitch.conf
|
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+
Use NIS+ (NIS version 3)
# nis or yp Use
NIS (NIS version 2), also called YP
# dns
Use DNS (Domain Name Service)
# files
Use the local files
# db
Use the local database (.db) files
# compat
Use NIS on compat mode
# hesiod
Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching
if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files ldap
shadow: files ldap
group: files ldap
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return]
files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus
|
|
/etc/openldap/ldap.conf
|
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_REQCERT allow
host 192.168.100.130
base dc=servtec,dc=com,dc=br
|
|
/etc/openldap/ldap.conf
|
# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v
1.9
#2000/09/04 19:57:01 kurt Exp $
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
HOST 192.168.100.130
BASE dc=servtec,dc=com,dc=br
|
|
/etc/pam.d/login
|
#%PAM-1.0
auth requisite pam_unix2.so
nullok #set_secrpc
auth required pam_securetty.so
auth required
pam_nologin.so
#auth required pam_homecheck.so
auth required
pam_env.so
auth required pam_mail.so
account required pam_unix2.so
password required pam_pwcheck.so
nullok
password required pam_unix2.so
nullok use_first_pass use_authtok
session required pam_unix2.so
none # debug or trace
session required pam_limits.so
session required pam_resmgr.so
session required /lib/security/pam_mkhomedir.so
skel=/etc/skel/ umask=022
|
|
/etc/pam.d/login
|
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so
service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so
session required /lib/security/pam_mkhomedir.so
skel=/etc/skel/ umask=0022
|
|
