CentOS 6通过ldap集成AD域账号(nslcd方式):
CentOS 6默认有安装nss-pam-ldapd软件(rpm -qa nss-pam-ldapd,rpm -ql nss-pam-ldapd)
vi /etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap
:wq
vi /etc/nslcd.conf
binddn cn=aa,cn=users,dc=ming,dc=com (aa为普通AD账号,在Users组里)
bindpw ** (aa的密码)
下面部分默认为注释掉的,去掉注释即可
#Mappings for Active Directory
#pagesize 1000
#referrals off
filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=)(unixHomeDirectory=))
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos displayName
filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=)(unixHomeDirectory=))
map shadow uid sAMAccountName
map shadow shadowLastChange pwdLastSet
filter group (objectClass=group)
map group uniqueMember member
uid nslcd
gid ldap
uri ldap://10.0.0.3/
base dc=ming,dc=com
ssl no
tls-cacertdir /etc/openldap/cacerts
:wq
/etc/init.d/nslcd restart
getent passwd | grep zhi.yang
su - zhi.yang
原文地址:http://blog.51cto.com/yangzhiming/2093929