Setting Up LDAP and AutoFS in RHEL 7

LDAP (Lightweight Directory Access Protocol) is an authentication protocol used to allow secure access to directory servers. It's an open standard protocol, so all of its documentation is freely available for those who want to build an LDAP server. It is a TCP/IP protocol and uses port 389 to communicate.

In order to use LDAP we will need to install three programs: sssd, authconfig-gtk, and krb5-workstation.

So let’s do a
(the -y in our command will automatically answer yes to any prompts/questions we get from yum during the installation)

Once the installation is complete let’s configure our LDAP settings.
There are two ways to do this but we will stick to doing it from the terminal.
Run system-config-authentication and you will get the Authentication settings window. There are a few things we will change here.

Under User Account Configuration

Set User Account Configuration to LDAP
The rest of the settings will be contingent upon your situation but I advise you check the box next to Use TLS to encrypt connections for an extra layer of security.

Uncheck the box next to Use DNS to locate KDCs for realms

Authentication Configuration

Change this to LDAP password.
Switch over to the Advanced Options tab and check the box next to Create home directory on the first login.

Click apply and close out.

Now test that you are able to log in to the server using ssh.

Now that we have LDAP configured let’s dive deeper and create an automounting home directory using autofs.
Installation
yum -y install autofs
Now let’s enable and start the service
systemctl enable autofs
systemctl start autofs

In order to set up autofs we need to create two files. The first one is the master-map file, which lives at /etc/auto.master.d/*.autofs (replace * with any name; /etc/auto.master.d/example.autofs, for example).

Run vim /etc/auto.master.d/example.autofs
and enter one line in this file.
The entry should look like this:

Replace /home/guests with the directory of your choice and you may change where it says “example” to the name of your choice. Now let’s save and exit.

We will create our second file now.
vim /etc/auto.example

Add one line to this file in the following format
ldapuserX options servername:/directory/ldapuserX

The options will determine what permissions the user has. You can also indicate what version of NFS to use. We can now save this file.

Now let’s update our settings by restarting autofs

systemctl restart autofs

That’s it! Let’s test our autofs by logging in using the LDAP credentials and checking to see if our directory is automatically mounted once we log in.
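
The two autofs files from the steps above, as an added example that is not part of the original post: the script writes the master-map and map files into a staging directory and checks that the map entry follows the key / options / servername:/directory format before anything is copied into /etc. The function names, the server name server.example.com, the user ldapuser1, the options shown and the nosuid hint are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Server name, export path,
# user and options below are constructed values.

# check_map_line LINE: succeed only if LINE is "key -options server:/directory".
check_map_line() {
    set -f; set -- $1; set +f                 # split on whitespace, no globbing
    [ "$#" -eq 3 ] || return 1
    case "$2" in -?*) ;; *) return 1 ;; esac  # autofs options start with "-"
    case "$3" in ?*:/*) ;; *) return 1 ;; esac
    return 0
}

# has_opt OPTIONS NAME: succeed if NAME is in the comma-separated OPTIONS.
has_opt() {
    case ",${1#-}," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# stage_autofs ROOT MOUNTPOINT NAME KEY OPTIONS LOCATION
# Writes ROOT/etc/auto.master.d/NAME.autofs and ROOT/etc/auto.NAME.
stage_autofs() {
    root=$1 mnt=$2 name=$3 entry="$4 $5 $6"
    case "$mnt" in /*) ;; *) echo "mount point must be absolute" >&2; return 1 ;; esac
    check_map_line "$entry" || { echo "bad map entry: $entry" >&2; return 1; }
    # Hardening hint (an addition here): nosuid ignores setuid bits on the share.
    has_opt "$5" nosuid || echo "note: options lack nosuid" >&2
    mkdir -p "$root/etc/auto.master.d" || return 1
    # Master map: <mount point> <map file>
    printf '%s /etc/auto.%s\n' "$mnt" "$name" > "$root/etc/auto.master.d/$name.autofs"
    # Map file: <key> <options> <server>:<directory>
    printf '%s\n' "$entry" > "$root/etc/auto.$name"
}

# Demo: stage under a temp directory, review, then copy into /etc as root.
stage=$(mktemp -d)
stage_autofs "$stage" /home/guests example \
    ldapuser1 -rw,sync,nosuid server.example.com:/home/guests/ldapuser1
cat "$stage/etc/auto.master.d/example.autofs" "$stage/etc/auto.example"
```

With this mount point and key, autofs mounts the share at /home/guests/ldapuser1 the first time that path is accessed.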
