https://www.server-world.info/en/note?os=Fedora_28&p=openldap&f=3
[root@www ~]#
dnf -y install openldap-clients sssd sssd-ldap oddjob-mkhomedir
# swicth authentication provider to sssd
[root@www ~]#
authselect select sssd with-mkhomedir
[root@www ~]#
vi /etc/openldap/ldap.conf
# add to the end: your LDAP server's URL and Suffix
URI ldap://dlp.srv.world/
BASE dc=srv,dc=world
# create new
# replace [ldap_uri], [ldap_search_base] to your own environment value
[domain/default]
id_provider = ldap
autofs_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://dlp.srv.world/
ldap_search_base = dc=srv,dc=world
ldap_id_use_start_tls = True
ldap_tls_cacertdir = /etc/openldap/certs
cache_credentials = True
ldap_tls_reqcert = allow
[sssd]
services = nss, pam, autofs
domains = default
[nss]
homedir_substring = /home
[root@www ~]#
chmod 600 /etc/sssd/sssd.conf
[root@www ~]#
[root@www ~]#
Fedora 28 (Server Edition)
Kernel 4.16.6-302.fc28.x86_64 on an x86_64 (ttyS0)
Admin Console: https://10.0.0.31:9090/ or https://[fe80::5054:ff:fe01:3710]:9090/
www login: redhat # LDAP user
Password: # password
Creating home directory for redhat.
Last login: Tue May 28 19:54:04 on ttyS0
[redhat@www ~]$ # just logined
# changing LDAP password is common way with passwd
[redhat@www ~]$
Changing password for user redhat.
Current Password: # current one
New password: # new one
Retype new password:
passwd: all authentication tokens updated successfully.
