
Monday, April 18, 2016

Configure LDAP Client in order to share users




Configure the LDAP client so that user accounts can be shared across your local network.
[1] Install OpenLDAP Client.
[root@www ~]# yum -y install openldap-clients nss-pam-ldapd
# ldapserver=(LDAP server's hostname or IP address)
# ldapbasedn="dc=(your own domain name)"
[root@www ~]# authconfig --enableldap \
--enableldapauth \
--ldapserver=dlp.server.world \
--ldapbasedn="dc=server,dc=world" \
--enablemkhomedir \
--update
[root@www ~]# exit
logout
CentOS Linux 7 (Core)
Kernel 3.10.0-123.20.1.el7.x86_64 on an x86_64
www login: redhat    # LDAP user
Password:    # password
Creating directory '/home/redhat'.
[redhat@www ~]$    # logged in normally
[redhat@www ~]$ passwd    # try to change the LDAP password
Changing password for user redhat.
Enter login(LDAP) password:    # current password
New password:    # new password
Retype new password:
LDAP password information changed for redhat
passwd: all authentication tokens updated successfully.
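
The authconfig call above passes no TLS option, so it is worth checking which transport the client ends up using before real passwords are typed at the login prompt. The following is an added example, not part of the original post: it assumes authconfig stored the settings in /etc/nslcd.conf (the nss-pam-ldapd configuration file) using the `uri`, `ssl` and `tls_reqcert` keywords, and the function name and sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag an nslcd.conf that would
# send LDAP bind passwords in cleartext. audit_nslcd_transport is a
# hypothetical name; the config path is passed in so it can be tested offline.
audit_nslcd_transport() {
    conf=$1
    [ -r "$conf" ] || { echo "UNREADABLE"; return 2; }

    # "uri" may repeat and may list several servers on one line.
    uris=$(awk '$1 == "uri" { for (i = 2; i <= NF; i++) print $i }' "$conf")
    # For single-valued keywords keep the last occurrence.
    ssl=$(awk '$1 == "ssl" { v = $2 } END { print v }' "$conf")
    reqcert=$(awk '$1 == "tls_reqcert" { v = $2 } END { print v }' "$conf")

    [ -n "$uris" ] || { echo "NO_URI"; return 2; }

    for u in $uris; do
        case $u in
            ldaps://*|ldapi://*) ;;      # TLS on connect, or local socket
            ldap://*)
                # Plain LDAP is only acceptable when TLS is requested.
                case $ssl in
                    on|start_tls) ;;
                    *) echo "CLEARTEXT $u"; return 1 ;;
                esac ;;
            *) echo "UNKNOWN_SCHEME $u"; return 2 ;;
        esac
    done

    # TLS without certificate verification can still be intercepted.
    case $reqcert in
        never|allow) echo "TLS_UNVERIFIED tls_reqcert=$reqcert"; return 1 ;;
    esac
    echo "OK"
}

# Constructed sample: settings assumed to result from the authconfig call above.
sample=$(mktemp)
printf '%s\n' 'uri ldap://dlp.server.world/' \
              'base dc=server,dc=world' \
              'ssl no' > "$sample"
audit_nslcd_transport "$sample" || true   # prints: CLEARTEXT ldap://dlp.server.world/
rm -f "$sample"
```

On the client, run it as `audit_nslcd_transport /etc/nslcd.conf`. A CLEARTEXT result means the setup should be redone with authconfig's `--enableldaptls` option once the server's CA certificate is installed.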
[2] If SELinux is enabled, add a rule that allows mkhomedir to create home directories automatically.
[root@www ~]# vi mkhomedir.te
# create new

module mkhomedir 1.0;

require {
        type unconfined_t;
        type oddjob_mkhomedir_exec_t;
        class file entrypoint;
}

#============= unconfined_t ==============
allow unconfined_t oddjob_mkhomedir_exec_t:file entrypoint;

[root@www ~]# checkmodule -m -M -o mkhomedir.mod mkhomedir.te
checkmodule: loading policy configuration from mkhomedir.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 17) to mkhomedir.mod
[root@www ~]# semodule_package --outfile mkhomedir.pp --module mkhomedir.mod
[root@www ~]# semodule -i mkhomedir.pp
