LDAP based user login

Configure your second VM (the one without LDAP Server) to allow for user login purely based on LDAP.

  • Activation of OS-level LDAP user and group support is outlined in Configuring LDAP Authentication.

  • Follow the «newer» PAM Setup with libpam-ldapd approach rather than using the older libpam-ldap package.

  • The first step is to make user metadata visible on the client side:

    $ id ldaptest
    uid=1001(ldaptest) gid=1001(ldaptest) groups=1001(ldaptest)

    An id: ‘ldaptest’: no such user message indicates that your LDAP setup does not work yet.

  • Create the required user home directory manually and change owner and group accordingly.

Tip

LDAP user information (uid, common name, numerical id, group information ...) will reside on your LDAP Server rather than locally in /etc/passwd, /etc/group and /etc/shadow.
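
The check and the home directory step above as a script, added here as an example and not part of the original exercise: it confirms that the account resolves through NSS while being absent from the local /etc/passwd, then creates the home directory with the uid and gid delivered by LDAP. The function names, the uid floor of 1000 and the mode 0700 are assumptions; setup_ldap_home has to run as root on the client VM.

```shell
#!/bin/sh
# Added example (not from the exercise). Defines functions only.

# is_local_user NAME [FILE]: succeeds if NAME has an entry in the local passwd file.
is_local_user() {
    awk -F: -v u="$1" '$1 == u { found = 1 } END { exit !found }' "${2:-/etc/passwd}"
}

# passwd_field ENTRY N: print field N of a passwd(5) formatted line.
passwd_field() {
    printf '%s\n' "$1" | cut -d: -f"$2"
}

# plan_home ENTRY: validate a passwd(5) line and print "uid gid home".
# Rejects non-numeric ids, ids below 1000 (assumed floor for regular users,
# so a directory entry cannot claim a system uid) and unsafe home paths.
plan_home() {
    uid=$(passwd_field "$1" 3)
    gid=$(passwd_field "$1" 4)
    home=$(passwd_field "$1" 6)
    for n in "$uid" "$gid"; do
        case "$n" in ''|*[!0-9]*) return 1 ;; esac
    done
    [ "$uid" -ge 1000 ] || return 1
    case "$home" in /*) ;; *) return 1 ;; esac      # must be absolute
    case "$home" in *..*) return 1 ;; esac          # no path traversal
    printf '%s %s %s\n' "$uid" "$gid" "$home"
}

# setup_ldap_home NAME: run as root on the LDAP client.
setup_ldap_home() {
    entry=$(getent passwd "$1") || {
        echo "$1: not resolvable via NSS, LDAP setup does not work yet" >&2
        return 1
    }
    if is_local_user "$1"; then
        echo "$1: defined in /etc/passwd, lookup does not prove LDAP works" >&2
        return 1
    fi
    plan=$(plan_home "$entry") || {
        echo "$1: refusing entry: $entry" >&2
        return 1
    }
    read -r uid gid home <<EOF
$plan
EOF
    # Numeric ids come from LDAP; mode 0700 is an assumed restrictive default.
    install -d -m 0700 -o "$uid" -g "$gid" "$home"
}
```

Usage on the client VM, as root: `setup_ldap_home ldaptest`.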