* Key elements of LDAP client configuration


1. Use the server's fully qualified hostname: ldap://instructor.example.com

2. Base DN to search for user definitions: dc=example,dc=com

3. The certificate authority (CA) certificate: http://instructor.example.com/pub/EXAMPLE-CA-CERT


To use LDAP authentication, the directory-client yum package group must be installed.

# yum grouplist  --> check whether it is installed

# yum groupinstall directory-client --> install it


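Next, configure LDAP authentication through System -> Administration -> Authentication, or with system-config-authentication.

Identity & Authentication -> LDAP: enter the LDAP search base DN and the LDAP server, check TLS encryption and then download the certificate (the server is http://instructor.example.com/pub/EXAMPLE-CA-CERT), and set the authentication method to LDAP.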


At this point sssd starts automatically. To start it manually:

service sssd stop; service sssd start



To verify:

getent passwd ldapuser1


To see the whole passwd database at once,

add enumerate=True to the /etc/sssd/sssd.conf file


service sssd stop; service sssd start


[root@desktop4 sssd]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rtkit:x:499:499:RealtimeKit:/proc:/sbin/nologin
abrt:x:498:498::/etc/abrt:/sbin/nologin
saslauth:x:497:495:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
nslcd:x:65:55:LDAP Client User:/:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
pulse:x:496:494:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
student:x:500:500::/home/student:/bin/bash
visitor:x:501:501::/home/visitor:/bin/bash
ldapuser10:*:1710:1710:LDAP Test User 10:/home/guests/ldapuser10:/bin/bash
ldapuser11:*:1711:1711:LDAP Test User 11:/home/guests/ldapuser11:/bin/bash
ldapuser12:*:1712:1712:LDAP Test User 12:/home/guests/ldapuser12:/bin/bash
ldapuser13:*:1713:1713:LDAP Test User 13:/home/guests/ldapuser13:/bin/bash
ldapuser14:*:1714:1714:LDAP Test User 14:/home/guests/ldapuser14:/bin/bash
ldapuser15:*:1715:1715:LDAP Test User 15:/home/guests/ldapuser15:/bin/bash
ldapuser16:*:1716:1716:LDAP Test User 16:/home/guests/ldapuser16:/bin/bash
ldapuser17:*:1717:1717:LDAP Test User 17:/home/guests/ldapuser17:/bin/bash
ldapuser18:*:1718:1718:LDAP Test User 18:/home/guests/ldapuser18:/bin/bash
ldapuser19:*:1719:1719:LDAP Test User 19:/home/guests/ldapuser19:/bin/bash
ldapuser20:*:1720:1720:LDAP Test User 20:/home/guests/ldapuser20:/bin/bash
ldapuser1:*:1701:1701:LDAP Test User 1:/home/guests/ldapuser1:/bin/bash
ldapuser2:*:1702:1702:LDAP Test User 2:/home/guests/ldapuser2:/bin/bash
ldapuser3:*:1703:1703:LDAP Test User 3:/home/guests/ldapuser3:/bin/bash
ldapuser4:*:1704:1704:LDAP Test User 4:/home/guests/ldapuser4:/bin/bash
ldapuser5:*:1705:1705:LDAP Test User 5:/home/guests/ldapuser5:/bin/bash
ldapuser6:*:1706:1706:LDAP Test User 6:/home/guests/ldapuser6:/bin/bash
ldapuser7:*:1707:1707:LDAP Test User 7:/home/guests/ldapuser7:/bin/bash
ldapuser8:*:1708:1708:LDAP Test User 8:/home/guests/ldapuser8:/bin/bash
ldapuser9:*:1709:1709:LDAP Test User 9:/home/guests/ldapuser9:/bin/bash
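
The script below is an added example, not part of the original post: it checks an sssd.conf for the settings this procedure depends on (an encrypted LDAP channel, server certificate verification, and whether enumeration is on). The sample file is constructed from the values above, assuming the dialog wrote them to a [domain/default] section; the function names are hypothetical.

```sh
# Added example: audit the LDAP domain of an sssd.conf (sample below is constructed).
sample_conf() {
cat <<'EOF'
[sssd]
services = nss, pam

[domain/default]
id_provider = ldap
auth_provider = ldap
ldap_uri = ldap://instructor.example.com
ldap_search_base = dc=example,dc=com
ldap_id_use_start_tls = True
ldap_tls_cacertdir = /etc/openldap/cacerts
enumerate=True
EOF
}

# Print the value of option $2 from the [domain/...] sections of file $1.
get_opt() {
    awk -v key="$2" '
        /^[ \t]*\[/ { in_dom = ($0 ~ /^[ \t]*\[domain\//); next }
        !in_dom || /^[ \t]*[#;]/ { next }
        { i = index($0, "="); if (i == 0) next
          k = substr($0, 1, i - 1); v = substr($0, i + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (k == key) { print v; exit } }' "$1"
}

# Report on transport encryption, certificate checking and enumeration.
audit_sssd_conf() {
    uri=$(get_opt "$1" ldap_uri)
    tls=$(get_opt "$1" ldap_id_use_start_tls | tr 'A-Z' 'a-z')
    req=$(get_opt "$1" ldap_tls_reqcert | tr 'A-Z' 'a-z')
    enum=$(get_opt "$1" enumerate | tr 'A-Z' 'a-z')
    case "$uri" in
        ldaps://*) echo "OK: $uri is encrypted (LDAPS)" ;;
        *) if [ "$tls" = true ]; then echo "OK: $uri uses StartTLS"
           else echo "FAIL: $uri has neither ldaps:// nor ldap_id_use_start_tls=True"; fi ;;
    esac
    case "$req" in
        never|allow) echo "FAIL: ldap_tls_reqcert=$req accepts an unverified server certificate" ;;
        *) echo "OK: server certificate must verify against the CA" ;;
    esac
    if [ "$enum" = true ]; then
        echo "WARN: enumerate=True lets any local user list every directory account"
    fi
}

tmp=$(mktemp) && sample_conf > "$tmp" && audit_sssd_conf "$tmp"; rm -f "$tmp"
```

On a real client, run `audit_sssd_conf /etc/sssd/sssd.conf` as root, since the file is readable by root only.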

