diff -urN /tmp/etc/group- /etc/group-
--- /tmp/etc/group- 2003-01-15 16:17:33.000000000 -0500
+++ /etc/group- 2003-01-15 17:55:57.000000000 -0500
@@ -35,3 +35,4 @@
 pcap:x:77:
 darkness:x:500:
 ntp:x:38:
+ldap:x:55:
diff -urN /tmp/etc/gshadow- /etc/gshadow-
--- /tmp/etc/gshadow- 2003-01-15 16:17:45.000000000 -0500
+++ /etc/gshadow- 2003-01-15 17:55:57.000000000 -0500
@@ -35,3 +35,4 @@
 pcap:x::
 darkness:!::
 ntp:!::
+ldap:!::
diff -urN /tmp/etc/ldap.conf /etc/ldap.conf
--- /tmp/etc/ldap.conf 1999-12-31 22:34:13.000000000 -0500
+++ /etc/ldap.conf 2003-01-15 23:12:51.000000000 -0500
@@ -11,7 +11,7 @@
 host 127.0.0.1
 # The distinguished name of the search base.
-base dc=example,dc=com
+base dc=my-domain-here,dc=net
 # Another way to specify your LDAP server is to provide an
 # uri with the server name. This allows to use
diff -urN /tmp/etc/nsswitch.conf /etc/nsswitch.conf
--- /tmp/etc/nsswitch.conf 1999-12-31 22:34:13.000000000 -0500
+++ /etc/nsswitch.conf 2003-01-15 23:12:51.000000000 -0500
@@ -30,9 +30,9 @@
 #shadow: db files nisplus nis
 #group: db files nisplus nis
-passwd: files nisplus
-shadow: files nisplus
-group: files nisplus
+passwd: files nisplus ldap
+shadow: files nisplus ldap
+group: files nisplus ldap
 #hosts: db files nisplus nis dns
 hosts: files nisplus dns
@@ -50,14 +50,14 @@
 ethers: files
 netmasks: files
 networks: files
-protocols: files nisplus
+protocols: files nisplus ldap
 rpc: files
-services: files nisplus
+services: files nisplus ldap
-netgroup: files nisplus
+netgroup: files nisplus ldap
 publickey: nisplus
-automount: files nisplus
+automount: files nisplus ldap
 aliases: files nisplus
diff -urN /tmp/etc/openldap/ldap.conf /etc/openldap/ldap.conf
--- /tmp/etc/openldap/ldap.conf 1999-12-31 22:34:13.000000000 -0500
+++ /etc/openldap/ldap.conf 2003-01-15 23:12:51.000000000 -0500
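Review bot: In the /etc/nsswitch.conf hunk at -30,9, `shadow: files nisplus ldap` makes NSS resolve shadow entries from the directory, which does not look necessary for logins here, since the pam_ldap lines added to /etc/pam.d/system-auth authenticate by binding to the server. Serving shadow data over NSS is only useful if the identity nss_ldap binds as can read the password attributes, so it tends to push directory ACLs toward exposing hashes to every client host. I would leave that line as `shadow: files nisplus` and add ldap only to passwd and group, unless shadow ageing fields from the directory are required by pam_unix. Note also that every map given an ldap source in the -50,14 hunk (protocols, services, netgroup, automount) now depends on the server at `host 127.0.0.1` answering, so a lookup timeout policy is worth confirming.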
@@ -13,4 +13,4 @@
 #TIMELIMIT 15
 #DEREF never
 HOST 127.0.0.1
-BASE dc=example,dc=com
+BASE dc=my-domain-here,dc=net
diff -urN /tmp/etc/pam.d/system-auth /etc/pam.d/system-auth
--- /tmp/etc/pam.d/system-auth 1999-12-31 22:34:13.000000000 -0500
+++ /etc/pam.d/system-auth 2003-01-15 23:12:51.000000000 -0500
@@ -3,13 +3,17 @@
 # User changes will be destroyed the next time authconfig is run.
 auth required /lib/security/pam_env.so
 auth sufficient /lib/security/pam_unix.so likeauth nullok
+auth sufficient /lib/security/pam_ldap.so use_first_pass
 auth required /lib/security/pam_deny.so
 account required /lib/security/pam_unix.so
+account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_ldap.so
 password required /lib/security/pam_cracklib.so retry=3 type=
 password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
+password sufficient /lib/security/pam_ldap.so use_authtok
 password required /lib/security/pam_deny.so
 session required /lib/security/pam_limits.so
 session required /lib/security/pam_unix.so
+session optional /lib/security/pam_ldap.so
diff -urN /tmp/etc/sysconfig/authconfig /etc/sysconfig/authconfig
--- /tmp/etc/sysconfig/authconfig 1999-12-31 22:34:13.000000000 -0500
+++ /etc/sysconfig/authconfig 2003-01-15 23:12:51.000000000 -0500
@@ -1,9 +1,9 @@
 USEDB=no
 USEHESIOD=no
-USELDAP=no
+USELDAP=yes
 USENIS=no
 USEKERBEROS=no
-USELDAPAUTH=no
+USELDAPAUTH=yes
 USEMD5=yes
 USESHADOW=yes
 USESMBAUTH=no
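Review bot: The added account line in the /etc/pam.d/system-auth hunk, `account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_ldap.so`, fails open when the directory cannot be reached, so the account decision then rests on pam_unix alone. That keeps local accounts usable during an outage, but directory-side expiry or lockout is then not enforced for any service that relies on the account phase without a fresh LDAP bind in the auth phase. It is worth confirming which services include system-auth and whether that trade-off is intended. The pre-existing `nullok` on pam_unix stays in front of the new `auth sufficient /lib/security/pam_ldap.so use_first_pass` line, so an empty local password would still be accepted before LDAP is consulted. Because the file header says authconfig regenerates this file, any tightening has to be made through authconfig or it will be lost; the hunk starts at line 3 of the file, so the first two lines are not visible here.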