May 13

Linux ldap authentication with Active Directory: avoid hanging your server

The internet is a wonderful place for information. However, most sites you visit employ bots that steal other web pages. This is a problem because bots steal any page, whether the content is accurate or not.

At tlc faq, we do not run bots to steal web pages, esp. since so many pages on the internet are bogus and wrong. Starting with bogus / wrong information, when seeing documentation on ldap configuration on linux, do NOT enter nsswitch.conf entries on RHL systems, like so:

passwd: files ldap
group: files ldap
shadow: files ldap

These entries are unnecessary and will break your server!

ldap.conf, ldap.secret, a certificate file, and user accounts is all you need on the RedHat Linux server. You may need some pam.d file and/or pam.conf tweaks, but not always.

The information in the ldap.conf, like ‘rootbinddn’ and ‘cn’ is provided by the AD administrator.

Leave a Reply