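Linux 2 unit8 LDAP Network User Accounts
## Automounting LDAP users' home directories ###
Everything in this section can be done with just two scripts.
## The script successfully sets up the ldapuser1 user ###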
[root@server13 ~]# vim auth-config.sh
echo "install packages..."
yum install sssd krb5-workstation -y &> /dev/null
echo "config authconfig..."
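# see "man authconfig" for the parameters used below
# note: --ldaploadcacert fetches the CA certificate over plain HTTP (no integrity check on the download)
authconfig \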
--enableldap \
--enablekrb5 \
--disableldapauth \
--enableldaptls \
--ldapserver="classroom.example.com" \
--ldapbasedn="dc=example,dc=com" \
--ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \
--krb5realm="EXAMPLE.COM" \
--krb5kdc="classroom.example.com" \
--krb5adminserver="classroom.example.com" \
--update
echo "complete ~"
[root@server13 ~]# sh auth-config.sh ## run the script
install packages...
config authconfig...
complete ~
[root@server13 ~]# id ldapuser1
uid=1701(ldapuser1) gid=1701(ldapuser1) groups=1701(ldapuser1)
[root@server13 ~]# su - ldapuser1 ## switch user
su: warning: cannot change directory to /home/guests/ldapuser1: No such file or directory
mkdir: cannot create directory ‘/home/guests’: Permission denied
-bash-4.2$ ## logged in, but cannot run commands
-bash-4.2$ exit
logout
Alternatively, select the options manually in the graphical interface
Command: authconfig-tui
[root@server13 ~]# vim auth-config.sh
#!/bin/bash
echo "install packages..."
yum install sssd krb5-workstation autofs -y &> /dev/null
echo "config authconfig..."
authconfig \
--enableldap \
--enablekrb5 \
--disableldapauth \
--enableldaptls \
--ldapserver="classroom.example.com" \
--ldapbasedn="dc=example,dc=com" \
--ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \
--krb5realm="EXAMPLE.COM" \
--krb5kdc="classroom.example.com" \
--krb5adminserver="classroom.example.com" \
--update
echo "config autofs..."
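echo "/home/guests /etc/auto.ldap" >>/etc/auto.master ## >> appends; a single > would overwrite the original file
echo "* 172.25.254.254:/home/guests/&" >>/etc/auto.ldap ## purpose: gives each user a root; & is replaced by the key (the user name)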
systemctl restart autofs
echo "complete ~"
[root@server13 ~]# su - ldapuser1 ## the user switch now succeeds completely
Last login: Sun Apr 30 04:36:47 EDT 2017 on pts/1
[ldapuser1@server13 ~]$ exit
logout
Alternatively, do it step by step with commands
Command: vim /etc/auto.master
Command: vim /etc/auto.ldap
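Added example (not part of the original post): because the second script uses >> for the autofs step, every re-run appends the same two lines again. This version of that step writes each line only once and reports a key that is listed more than once. The function names, the AUTO_MASTER / AUTO_MAP variables and the --apply switch are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original post. AUTO_MASTER and AUTO_MAP are
# assumed variable names; they default to the paths used on the page and can
# be pointed at scratch files to try the logic without touching /etc.
AUTO_MASTER="${AUTO_MASTER:-/etc/auto.master}"
AUTO_MAP="${AUTO_MAP:-/etc/auto.ldap}"

# ensure_line FILE LINE: append LINE only when FILE has no identical line.
ensure_line() {
    touch "$1"
    grep -qxF -- "$2" "$1" || printf '%s\n' "$2" >> "$1"
}

# count_key FILE KEY: number of entries whose first field is exactly KEY.
# Comment lines never match because their first field starts with '#'.
count_key() {
    awk -v k="$2" '$1 == k { n++ } END { print n + 0 }' "$1"
}

# configure_autofs: the same two lines as the script on the page, written once.
# Returns 1 if a key ends up listed more than once (for example a leftover
# entry pointing at a different map), so the conflict is reported.
configure_autofs() {
    ensure_line "$AUTO_MASTER" "/home/guests /etc/auto.ldap"
    ensure_line "$AUTO_MAP" "* 172.25.254.254:/home/guests/&"
    if [ "$(count_key "$AUTO_MASTER" /home/guests)" -ne 1 ]; then
        echo "more than one /home/guests entry in $AUTO_MASTER" >&2
        return 1
    fi
    if [ "$(count_key "$AUTO_MAP" '*')" -ne 1 ]; then
        echo "more than one wildcard entry in $AUTO_MAP" >&2
        return 1
    fi
}

# Only touch the real files and restart autofs when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    configure_autofs && systemctl restart autofs
fi
```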
This article comes from the “AELY木” blog; please be sure to keep this source link: http://12768057.blog.51cto.com/12758057/1921094