yum install -y openldap-clients nss_ldap
/sbin/chkconfig nscd on

authconfig --enableldap \
--enableldapauth \
--ldapserver=ldap.example.com \
--ldapbasedn="dc=example,dc=com" \
--enablemkhomedir \
--update 

...

Enable Sudo Access to group ServerAdmins 

sudo sh -c 'echo "# Members of the LDAP group ServerAdmins may run sudo" >> /etc/sudoers' 
sudo sh -c 'echo "%ServerAdmins ALL=(root) ALL" >> /etc/sudoers' 

Restrict to Group ServerAdmins

cat << 'EOL' >/etc/ldap.restrictions
root
wheel
ServerAdmins
EOL

nano /etc/pam.d/system-auth

Insert at the top of the file:

auth required pam_listfile.so onerr=fail item=group sense=allow file=/etc/ldap.restrictions
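
Because the rule is hand-edited into a file that authconfig rewrites on `--update`, and `onerr=fail` denies every login if the list file is missing, it is worth re-checking the result after any change. The following check is an added example, not part of the original page; the function name `check_ldap_restriction` and its third argument are assumptions, and the defaults are the paths used above.

```shell
#!/bin/sh
# Added example (not from the original page): confirm the pam_listfile
# allow-list rule is still the first auth rule and its list file is sane.
# Defaults are the paths used on this page; the third argument is the
# group that must remain listed.
check_ldap_restriction() {
    pam_file=${1:-/etc/pam.d/system-auth}
    list_file=${2:-/etc/ldap.restrictions}
    group=${3:-ServerAdmins}

    # First "auth" rule in the stack, whitespace normalised to single spaces.
    first_auth=$(awk '$1 == "auth" { $1 = $1; print; exit }' "$pam_file" 2>/dev/null)
    case $first_auth in
        "auth required "*"pam_listfile.so "*) ;;
        *) echo "FAIL: first auth rule in $pam_file is not 'required pam_listfile.so'"
           return 1 ;;
    esac

    # Each option from the rule on this page must be present as a whole word.
    for opt in onerr=fail item=group sense=allow "file=$list_file"; do
        case " $first_auth " in
            *" $opt "*) ;;
            *) echo "FAIL: $opt missing from: $first_auth"; return 1 ;;
        esac
    done

    # onerr=fail turns a missing or unreadable list into a denial for everyone.
    if [ ! -f "$list_file" ] || [ ! -r "$list_file" ]; then
        echo "FAIL: $list_file is not a readable regular file"; return 1
    fi
    # Character 9 of the ls mode string is the "other" write bit.
    case $(ls -ld -- "$list_file") in
        ????????w*) echo "FAIL: $list_file is world-writable"; return 1 ;;
    esac
    # The admin group must be listed exactly, one name per line.
    if ! grep -qx -- "$group" "$list_file"; then
        echo "FAIL: group $group not listed in $list_file"; return 1
    fi
    echo "OK: $pam_file restricts logins to groups in $list_file"
}
```

Run `check_ldap_restriction` with no arguments from a root session that stays open, so a failed check can be corrected before the next login attempt.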