Article

ncisrael's picture
article
Reads:

4646

Score:
0
0
 
Comments:

0

LUM-enable a SUSE Linux Enterprise 9 Server

Author Info

7 February 2006 - 12:00am
Submitted by: ncisrael

Author Blog
Author Profile

Tags

Tags Map

PROBLEM:

LUM enable a SLES 9 server. A modification of Edward van der Maas's solution for workstations.

SOLUTION:

Obtain an OES CD 2.

Install these 3 files

  • linux$ rpm -Uvh /suse/i386/NLDAPsdk-8.7.3.4-2.i386.rpm
  • linux$ rpm -Uvh /suse/i386/NLDAPSDK-8.7.3.4-2.i386.rpm
  • linux$ rpm -Uvh /suse/i586/NOVLam-2.2.0-39.i586.rpm

Then, run:

linux$ namconfig add -a cn=admin,o=la -r o=la -w ou=linuxwrks,o=la -S LDAPserer -l 636

where

-a == admin user in ldap format
-r == location of unix config object
-w == context of linux workstation object to be placed
-S == ldap server
-l == secure ldap port

Edit /etc/pam.d/login, /etc/pam.d/su, /etc/pam.d/sshd, and /etc/pam.d/passwd. Place these 5 lines at the top of each:

auth      sufficient  /lib/security/pam_nam.so.0
account   sufficient  /lib/security/pam_nam.so.0
password  sufficient  /lib/security/pam_nam.so.0
session   optional    /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
session   sufficient  /lib/security/pam_nam.so.0

Use iManager to LUM enable a user, a group, and add the LUM group to the Linux workstation object.

EXAMPLE: Create a lum.txt file that contains:

auth      sufficient  /lib/security/pam_nam.so.0
account   sufficient  /lib/security/pam_nam.so.0
password  sufficient  /lib/security/pam_nam.so.0
session   optional    /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
session   sufficient  /lib/security/pam_nam.so.

Create a bash script called lum_install that contains:

#! /bin/bash
rpm -Uvh NLDAPsdk-8.7.3.4-2.i386.rpm
rpm -Uvh NLDAPbase-8.7.3.4-2.i386.rpm
rpm -Uvh NOVLam-2.2.0-39.i586.rpm
namconfig add -a cn=admin,o=la -r o=la -w ou=Linuxwrks,o=LA -S primaryldap -l 636
mkdir /etc/pam.d.nambkp
cp /etc/pam.d/* /etc/pam.d.nambkp/
rm /etc/pam.d/login
cp lum.txt /etc/pam.d/login
cat /etc/pam.d.nambkp/login |tee -a /etc/pam.d/login
rm /etc/pam.d/su
cp lum.txt /etc/pam.d/su
cat /etc/pam.d.nambkp/su |tee -a /etc/pam.d/su
rm /etc/pam.d/sshd
cp lum.txt /etc/pam.d/sshd
cat /etc/pam.d.nambkp/sshd |tee -a /etc/pam.d/sshd
rm /etc/pam.d/passwd
cp lum.txt /etc/pam.d/passwd
cat /etc/pam.d.nambkp/passwd |tee -a /etc/pam.d/passwd
clear
echo Please use iManager to add the LUM group to the Linux workstation object


Related Articles


User Comments

© 2013 Novell