This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
авторизация_с_использованием_ldap_сервера [2021/03/09 11:00] val [Настройка библиотеки nsswitch] |
авторизация_с_использованием_ldap_сервера [2022/10/03 10:57] val [Debian/Ubuntu] |
||
---|---|---|---|
Line 33: | Line 33: | ||
gate# LDAPTLS_REQCERT=never ldapsearch -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -w 'Pa$$w0rd' -H ldaps://server.corpX.un -b "dc=corpX,dc=un" "sAMAccountName=user1" | gate# LDAPTLS_REQCERT=never ldapsearch -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -w 'Pa$$w0rd' -H ldaps://server.corpX.un -b "dc=corpX,dc=un" "sAMAccountName=user1" | ||
+ | |||
+ | или с Kerberos GSSAPI аутентификацией | ||
+ | |||
+ | gate# apt install libsasl2-modules-gssapi-mit | ||
+ | gate# kinit Administrator | ||
+ | gate# ldapsearch -h server -b "dc=corpX,dc=un" "sAMAccountName=user1" | ||
</code><code> | </code><code> | ||
... | ... | ||
Line 53: | Line 59: | ||
==== Debian/Ubuntu ==== | ==== Debian/Ubuntu ==== | ||
<code> | <code> | ||
- | root@gate:~# apt install libnss-ldap | + | root@gate:~# DEBIAN_FRONTEND=noninteractive apt install libnss-ldap |
</code><code> | </code><code> | ||
... | ... | ||
Line 162: | Line 168: | ||
===== Установка сертификатов ===== | ===== Установка сертификатов ===== | ||
- | ==== FreeBSD ==== | + | * [[Пакет OpenSSL#Импорт сертификата центра сертификации]] |
- | <code> | + | |
- | # setenv LDAPTLS_REQCERT never | + | |
- | или | + | |
- | # pkg install ca_root_nss | + | |
- | # setenv LDAPTLS_CACERT /usr/local/etc/ssl/cert.pem | + | |
- | </code> | + | |
- | ==== Linux ==== | + | |
<code> | <code> | ||
# export LDAPTLS_REQCERT=never | # export LDAPTLS_REQCERT=never | ||
</code> | </code> |