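Ubuntu: logging in with AD accounts via LDAP integration
Note: this method does not depend on AD's Server for NIS; the plain AD service is sufficient.
Install libnss-ldapd (which automatically installs nscd and nslcd) and libpam-ldapd
# apt-get install libnss-ldapd libpam-ldapd (at the LDAP configuration prompts during installation you can just press Enter or type anything; the nslcd.conf file is adjusted afterwards)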
# vi /etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap
:wq
# vi /etc/nslcd.conf
uri ldap://10.0.1.4:3268
base dc=ming,dc=com
binddn cn=adminldap,cn=Users,dc=ming,dc=com (adminldap is an AD account; ordinary privileges are sufficient)
bindpw ****** (the password of adminldap)
filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer)))
map passwd uid cn
map passwd uidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820
map passwd gidNumber objectSid:S-1-5-21-3623811015-3361044348-30300820
map passwd homeDi
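
The objectSid mappings above make nslcd take the numeric uid/gid from the last sub-authority (the RID) of each account's binary objectSid, for accounts under the listed domain SID. The following Python sketch is an added example, not part of the original page or of nslcd; it decodes a binary SID, derives the id the same way, and flags ids that already exist locally. The function names, the users alice and bob, their RIDs and the local id set are constructed for illustration.

```python
import struct

# Domain SID copied from the "map passwd uidNumber objectSid:..." line above.
DOMAIN_SID = "S-1-5-21-3623811015-3361044348-30300820"

def parse_sid(raw: bytes) -> str:
    """Decode a binary objectSid value into its S-1-... string form."""
    if len(raw) < 8 or raw[0] != 1 or len(raw) != 8 + 4 * raw[1]:
        raise ValueError("malformed objectSid")
    authority = int.from_bytes(raw[2:8], "big")       # 48-bit, big-endian
    subs = struct.unpack("<%dI" % raw[1], raw[8:])    # 32-bit, little-endian
    return "-".join(["S", str(raw[0]), str(authority), *map(str, subs)])

def sid_to_id(raw: bytes, domain_sid: str = DOMAIN_SID) -> int:
    """Return the RID as the numeric id, only for SIDs under domain_sid."""
    prefix, _, rid = parse_sid(raw).rpartition("-")
    if prefix != domain_sid:
        raise ValueError("SID is not in the mapped domain: " + prefix)
    return int(rid)

def make_sid(sid: str) -> bytes:
    """Encode an S-1-... string as binary (used to construct sample data)."""
    parts = sid.split("-")
    subs = [int(p) for p in parts[3:]]
    return (bytes([int(parts[1]), len(subs)])
            + int(parts[2]).to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))

def id_collisions(entries: dict, local_ids: set) -> list:
    """Names whose derived id is already used by a local account."""
    return sorted(n for n, raw in entries.items()
                  if sid_to_id(raw) in local_ids)

if __name__ == "__main__":
    # Constructed sample: two hypothetical AD users and a local id set.
    users = {"alice": make_sid(DOMAIN_SID + "-1000"),
             "bob": make_sid(DOMAIN_SID + "-1105")}
    for name, raw in users.items():
        print(name, parse_sid(raw), "->", sid_to_id(raw))
    print("collides with local ids:", id_collisions(users, {0, 1000}))
```

Because uidNumber and gidNumber are mapped to the same objectSid, each user's uid and gid are both the RID. nslcd.conf's nss_min_uid option makes nslcd ignore LDAP users whose numeric id is below the given value, which is one way to keep derived ids out of a range reserved for local accounts.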