Welcome to FreeSoftwareServers Confluence Wiki

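# Install the LDAP client tools and the NSS LDAP module
yum install -y openldap-clients nss_ldap
# Start the name service caching daemon at boot
/sbin/chkconfig nscd on
# Point NSS and PAM at the LDAP server and create home directories at login
authconfig --enableldap \
--enableldapauth \
--ldapserver=ldap.example.com \
--ldapbasedn="dc=example,dc=com" \
--enablemkhomedir \
--update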

That's it!

Enable Sudo Access to group ServerAdmins

sudo sh -c 'echo "# Members of the LDAP group ServerAdmins may run sudo" >> /etc/sudoers' 
sudo sh -c 'echo "%ServerAdmins ALL=(root) ALL" >> /etc/sudoers' 

Restrict to Group ServerAdmins

cat << 'EOL' >/etc/ldap.restrictions
root
wheel
ServerAdmins
EOL
nano /etc/pam.d/system-auth

Insert at the top of the file:

auth required pam_listfile.so onerr=fail item=group sense=allow file=/etc/ldap.restrictions
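
A pre-flight check for the restriction above, added here as an example and not part of the original wiki page: with sense=allow and onerr=fail, any account whose groups are not listed in /etc/ldap.restrictions fails authentication, so confirm that admin accounts pass before saving the PAM change. The function names are hypothetical, and the whole-line match is an assumption that approximates how pam_listfile compares group names.

```shell
#!/bin/sh
# Pre-flight check for the pam_listfile restriction (added example; names are hypothetical).

# listfile_is_safe FILE: pam_listfile refuses a list that is not a regular file
# or that is world-writable, so verify that before referencing it from PAM.
listfile_is_safe() {
    [ -n "$(find "$1" -prune -type f ! -perm -0002 2>/dev/null)" ]
}

# groups_allowed FILE GROUP...: succeed if any GROUP appears as a whole line in FILE.
# Assumption: one group name per line, compared exactly (no trailing spaces).
groups_allowed() {
    list=$1; shift
    for g in "$@"; do
        if grep -Fxq -- "$g" "$list" 2>/dev/null; then
            return 0
        fi
    done
    return 1
}

# user_allowed FILE USER: resolve USER's groups through NSS (local and LDAP) and test them.
# Group names containing spaces are not handled by this sketch.
user_allowed() {
    # id -Gn prints space-separated group names; word splitting is intended.
    groups_allowed "$1" $(id -Gn "$2" 2>/dev/null)
}

# Run only when called with arguments: preflight.sh FILE USER...
if [ "$#" -ge 2 ]; then
    file=$1; shift
    listfile_is_safe "$file" || { echo "UNSAFE list file: $file" >&2; exit 2; }
    rc=0
    for u in "$@"; do
        if user_allowed "$file" "$u"; then
            echo "ok:      $u"
        else
            echo "BLOCKED: $u"; rc=1
        fi
    done
    exit "$rc"
fi
```

Run it as root with the accounts that must keep access, for example `sh preflight.sh /etc/ldap.restrictions root youradmin`, and keep an existing root session open while testing the new PAM line.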

 

 