2 unit 8

###unit.8 ldap网络帐号###

###1.ldap是什么
ldap目录服务认证,和windows活动目录类似,就是记录数据的一种方式

###2.ldap客户端所需软件
yum install sssd krb5-workstation -y

###3.如何开启ldap用户认证
authcofig-tui

authconfig-tui

┌────────────────┤ Authentication Configuration ├─────────────────┐
│                                                                 │
│  User Information        Authentication                         │
│  [ ] Cache Information   [ ] Use MD5 Passwords                  │
│  [*] Use LDAP            [*] Use Shadow Passwords               │
│  [ ] Use NIS             [ ] Use LDAP Authentication            │
│  [ ] Use IPAv2           [*] Use Kerberos                       │
│  [ ] Use Winbind         [ ] Use Fingerprint reader             │
│                          [ ] Use Winbind Authentication         │
│                          [*] Local authorization is sufficient  │
│                                                                 │
│            ┌────────┐                      ┌──────┐             │
│            │ Cancel │                      │ Next │             │
│            └────────┘                      └──────┘             │
│                                                                 │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘

┌─────────────────┤ LDAP Settings ├─────────────────┐
│                                                   │
│          [*] Use TLS                              │
│  Server: ldap://classroom.example.com/___________ │
│ Base DN: dc=example,dc=com_______________________ │
│                                                   │
│         ┌──────┐                ┌──────┐          │
│         │ Back │                │ Next │          │
│         └──────┘                └──────┘          │
│                                                   │
│                                                   │
└───────────────────────────────────────────────────┘

┌─────────────────┤ Kerberos Settings ├──────────────────┐
│                                                        │
│        Realm: EXAMPLE.COM_____________________________ │
│          KDC: classroom.example.com___________________ │
│ Admin Server: classroom.example.com___________________ │
│               [ ] Use DNS to resolve hosts to realms   │
│               [ ] Use DNS to locate KDCs for realms    │
│                                                        │
│          ┌──────┐                    ┌────┐            │
│          │ Back │                    │ Ok │            │
│          └──────┘                    └────┘            │
│                                                        │
│                                                        │
└────────────────────────────────────────────────────────┘
                                                          
<当出现以下报错时>

┌────────────────┤ Warning ├─────────────────┐
│                                            │
│ To connect to a LDAP server with TLS       │
│ protocol enabled you need a CA certificate │
│ which signed your server‘s certificate.    │
│ Copy the certificate in the PEM format to  │
│ the ‘/etc/openldap/cacerts‘ directory.     │
│ Then press OK.                             │
│                                            │
│                  ┌────┐                    │
│                  │ Ok │                    │
│                  └────┘                    │
│                                            │
│                                            │
└────────────────────────────────────────────┘

时因为tls的证书缺失,需要到服务器端下载所需要的证书到/etc/openldap/cacerts,用到命令
wget http:/172.25.254.254/pub/example-ca.crt

测试
getent passwd ldapuser1
如果用户信息可以正常显示,证明客户端认证成功

4.自动挂载用户家目录
yum install autofs -y
vim /etc/autofs.master
/home/guests    /etc/auto.ldap

vim /etc/auto.ldap
ldapuser1    172.25.254.254:/home/guests/ldapuser1
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
*        172.25.254.254:/home/guests/&

systemctl restart autofs

时间: 2024-10-22 23:42:56

2 unit 8的相关文章

mysqld服务启动失败, Failed to restart mysqld.service: Unit not found.

-bash-4.2# service mysqld restart Redirecting to /bin/systemctl restart mysqld.serviceFailed to restart mysqld.service: Unit not found. 并不存在 mysqld 的服务, -bash-4.2# -bash-4.2# chkconfig -list -list: unknown option -bash-4.2# chkconfig --list Note: Thi

10.23 linux任务计划cron10.24chkconfig工具10.25 systemd管理服务10.26 unit介绍 10.27 target介绍

- 10.23 linux任务计划cron - 10.24 chkconfig工具 - 10.25 systemd管理服务 - 10.26 unit介绍 - 10.27 target介绍 - 扩展 1. anacron http://blog.csdn.net/strikers1982/article/details/4787226  2. xinetd服(默认机器没有安装这个服务,需要yum install xinetd安装) http://blog.sina.com.cn/s/blog_46

CentOS 7 防火墙 出现Failed to start iptables.service: Unit iptables.service failed to load

错误信息如下: [root]# service iptables start Redirecting to /bin/systemctl start iptables.service Failed to start iptables.service: Unit iptables.service failed to load: No such file or directory.解决方法如下: 一直用CentOS 6 习惯了,一下没适应过来.防火墙配置后执行service iptables sav

GRU(Gated Recurrent Unit) 更新过程推导及简单代码实现

GRU(Gated Recurrent Unit) 更新过程推导及简单代码实现 RNN GRU matlab codes RNN网络考虑到了具有时间数列的样本数据,但是RNN仍存在着一些问题,比如随着时间的推移,RNN单元就失去了对很久之前信息的保存和处理的能力,而且存在着gradient vanishing问题. 所以有些特殊类型的RNN网络相继被提出,比如LSTM(long short term memory)和GRU(gated recurrent unit)(Chao,et al. 20

2 unit 4

###unit.4管理系统存储### ###1.分区划分 fdisk /dev/vdb Welcome to fdisk (util-linux 2.23.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table Buil

2 unit 5

###unit.5 LVM### ###1.LVM建立 1.划分物理分区并把分区id修改为8e [[email protected] ~]# fdisk /dev/vdb Welcome to fdisk (util-linux 2.23.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not

(4.5.4)Android测试TestCase单元(Unit test)测试和instrumentationCase单元测试

Android单元和instrumentation单元测试 Developing Android unit and instrumentation tests Android的单元测试是基于JUnit的.可分为: 1.本地单元测试 - 可以在JVM上运行测试(速度快,优先考虑). 2.Instrumented单元测试 - 需要Android系统 Android的Gradle插件支持在JVM上执行Andr??oid单元测试.它使用特殊版本的android.jar(也称为 Android mocka

ABP领域层——工作单元(Unit Of work)

ABP领域层——工作单元(Unit Of work) 点这里进入ABP系列文章总目录 基于DDD的现代ASP.NET开发框架--ABP系列之12.ABP领域层——工作单元(Unit Of work) ABP是“ASP.NET Boilerplate Project (ASP.NET样板项目)”的简称. ABP的官方网站:http://www.aspnetboilerplate.com ABP在Github上的开源项目:https://github.com/aspnetboilerplate 通用

Karma install steps for unit test of Angular JS app

npm install -g karma npm install –g karma-cli Install the plugins (optional)           # Install plugins that your project needs:  npm install karma-jasmine karma-chrome-launcher --save-dev Run following command to do unit test:           C:\Users\Br

.NET MVC4 实训记录之四(Unit of work + Repository)

今日后开启进阶模式! 谈到MVC与EntityFramework,则不得不说一说事务与仓储(Unit of work + Repository). 仓储(Repository):领域对象集合.用于操作领域对象与数据库上下文(DbContext)的交互(在此不得不说一声,领域对象和数据库表对象还是有区别的.领域对象实际上是一组有业务关系的数据库对象的抽象.最简单的形式就是主表.关系表在同一个领域对象中进行定义.例如我们前几章看到的UserProfile,它即定义了用户信息,又定义了用户角色关系信息