Ubuntu 20.04 or later
Follow these steps to install and configure an LDAP client using Ansible:
1. Install the required packages:
$ sudo apt-get update
$ sudo apt-get install libnss-ldap libpam-ldap ldap-utils nslcd
2. Configure the /etc/nslcd.conf file with your LDAP server details, such as the server URL, base DN, and credentials. For example:
uri ldap://ldap.example.com
base dc=example,dc=com
binddn cn=admin,dc=example,dc=com
bindpw YOURPASSWORD_HERE
3. Add ldap to the passwd, group and shadow entries in /etc/nsswitch.conf:
passwd: files ldap
group: files ldap
shadow: files ldap
4. Configure PAM to use LDAP authentication in the /etc/pam.d/common-session file. Add the following lines:
session optional pam_mkhomedir.so umask=0022 skel=/etc/skel
session required pam_unix.so
session optional pam_ldap.so
5. Restart the nslcd service:
$ sudo systemctl restart nslcd
Verify the configuration by querying for a user or group:
$ getent passwd <username>
$ getent group <groupname>
If the getent passwd command does not return any information for the specified user, it could indicate a problem with your LDAP configuration. To troubleshoot, check the /var/log/auth.log file.
Once the LDAP client is installed and configured, you can log in using your LDAP username and password:
$ login <username>
Password: ****
Welcome to Ubuntu.
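The nslcd.conf from step 2 sends the bind password over ldap:// and keeps it in the file, so the result is worth checking before it is rolled out to clients. The following is an added example, not part of the original playbook: a small Python audit that flags cleartext URIs, disabled certificate checks, a world-accessible bindpw and an admin bind DN. The function names, the constructed SAMPLE and the cn=admin heuristic are assumptions of this example; uri, ssl, tls_reqcert, binddn and bindpw are standard nslcd.conf options.

```python
import os
import stat

# Constructed sample: the step-2 settings exactly as shown on this page.
SAMPLE = """\
uri ldap://ldap.example.com
base dc=example,dc=com
binddn cn=admin,dc=example,dc=com
bindpw YOURPASSWORD_HERE
"""

def parse_nslcd(text):
    """Map each option name to its list of values; skip comments and blank lines."""
    opts = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        opts.setdefault(parts[0].lower(), []).append(parts[1].strip() if len(parts) > 1 else "")
    return opts

def audit_nslcd(text, mode):
    """Return findings for an nslcd.conf body and that file's permission bits."""
    opts = parse_nslcd(text)
    last = lambda key: (opts.get(key) or [""])[-1].lower()
    uris = [u.lower() for value in opts.get("uri", []) for u in value.split()]
    findings = []
    for uri in uris:
        if uri.startswith("ldap://") and last("ssl") != "start_tls":
            findings.append(f"{uri}: bind password and lookups cross the network unencrypted; "
                            "use ldaps:// or add 'ssl start_tls'")
    uses_tls = last("ssl") in ("on", "start_tls") or any(u.startswith("ldaps://") for u in uris)
    if uses_tls and last("tls_reqcert") in ("never", "allow"):
        findings.append(f"tls_reqcert {last('tls_reqcert')}: server certificate is not verified")
    if "bindpw" in opts and mode & stat.S_IRWXO:
        findings.append(f"bindpw stored in a file with mode {mode:04o}; remove access for 'other'")
    # Heuristic (assumption of this example): an RDN of cn=admin is the directory administrator.
    if last("binddn").startswith("cn=admin,"):
        findings.append("binddn is an admin entry; clients only need a read-only bind account")
    return findings

def audit_file(path="/etc/nslcd.conf"):
    """Audit a real file, reading its mode from the filesystem."""
    with open(path) as fh:
        return audit_nslcd(fh.read(), stat.S_IMODE(os.stat(path).st_mode))

if __name__ == "__main__":
    for finding in audit_nslcd(SAMPLE, 0o644):
        print("WARN:", finding)
```

Run audit_file() as root on a configured client; an empty list means none of these checks fired.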
Edit the vars section of the playbook file:
vars:
  ldap_server: [URL]
  ldap_base: [LDAP_BASE]
  ldap_binddn: [BINDDN_ROOT]
  ldap_bindpw: [PASSWORD]
  ldap_version: [LDAP_VERSION]
  ldap_pam_password: [PAM_PASSWORD_CRYPT]
Example:
vars:
  ldap_server: ldap://192.168.8.149
  ldap_base: dc=example,dc=com
  ldap_binddn: cn=admin,dc=example,dc=com
  ldap_bindpw: 1234
  ldap_version: 3
  ldap_pam_password: md5
You must also change remote_user to your username.
Put the clients' IP addresses in the hosts file:
[all]
Client IPs
Example:
[all]
192.168.8.168
192.168.8.164
192.168.8.163
192.168.8.161