This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
авторизация_с_использованием_ldap_сервера [2022/10/18 17:09] val [Настройка библиотеки nsswitch] |
авторизация_с_использованием_ldap_сервера [2024/01/26 13:06] (current) val [Установка сертификатов] |
||
---|---|---|---|
Line 26: | Line 26: | ||
* Права на чтение атрибутов LDAP ([[http://support.microsoft.com/kb/976063]]) | * Права на чтение атрибутов LDAP ([[http://support.microsoft.com/kb/976063]]) | ||
+ | * [[https://ldap.com/dns-srv-records-for-ldap/|DNS SRV Records for LDAP]] | ||
<code> | <code> | ||
- | gate# ldapsearch -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -h server -b "dc=corpX,dc=un" "sAMAccountName=user1" | + | gate# ldapsearch -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -H ldap://server -b "dc=corpX,dc=un" "sAMAccountName=user1" |
или через ldaps: | или через ldaps: | ||
Line 48: | Line 49: | ||
... | ... | ||
</code><code> | </code><code> | ||
- | # ldapsearch -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -h server -b "dc=corpX,dc=un" "sAMAccountName=guser1" | + | # ldapsearch -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -H ldap://server -b "dc=corpX,dc=un" "sAMAccountName=guser1" |
</code><code> | </code><code> | ||
... | ... | ||
Line 172: | Line 173: | ||
<code> | <code> | ||
# export LDAPTLS_REQCERT=never | # export LDAPTLS_REQCERT=never | ||
+ | </code> | ||
+ | |||
+ | ===== Дополнительные материалы ===== | ||
+ | |||
+ | ==== Изменения в Debian 12 ==== | ||
+ | <code> | ||
+ | debian12# apt install libnss-ldapd | ||
+ | |||
+ | debian12# grep "^[^#]" /etc/nslcd.conf | ||
+ | uid nslcd | ||
+ | gid nslcd | ||
+ | uri ldap://server/ | ||
+ | base dc=corp20,dc=un | ||
+ | tls_cacertfile /etc/ssl/certs/ca-certificates.crt | ||
+ | |||
+ | service nslcd restart | ||
+ | |||
+ | gate# chown -R user1:user1 /home/user1 | ||
+ | gate# chown -R user2:user2 /home/user2 | ||
</code> | </code> |