<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview 
This discussion is regarding the setup of [Linux] and [Unix] clients to use [LDAP] as an [authentication] and [authorization] source for non-privileged users. 

We specifically isolate [Privileged User Management] ([PUM]) and non-privileged users as the aspects are quite different and we feel should be handled differently. 

This subject, like a lot of technical subjects, is complex in that is involves many different relatively simple processes and as is often the case there are many different methods to accomplish the same end goal. If you have a better idea or comment, we welcome the opportunity to leran more. 

!! What to Modify 
There are several files that may need to be modified either by hand or through one of the various GUI configuration utilities available on Linux and Unix platforms. 

While we attempted to identify the Linux and Unix platforms when we describe the various operations, if not mentioned they were probably on the SuSE Enterprise platform as that is the platform we are most familiar. Further, as thing never stay the same, you need to do your own due diligence and do not even think of blaming us. 

Most [*NIX] distributions use a [Pluggable Authentication Modules] or [PAM|Pluggable Authentication Modules] for [authentication] and [authorization] of their clients. All(?) major distributions have at least &quot;loosely&quot; standardized on the PAM Implementation by the [Linux Kernel Project's implementation|http://www.kernel.org/pub/linux/libs/pam/]. 

This does not intend to imply there are not other leaders in this subject area. Certainly SUN and HP have contributed a grat deal to [Pluggable Authentication Modules] and in many ways have stayed ahead of the [Linux Kernel Project's implementation|http://www.kernel.org/pub/linux/libs/pam/]. 

The following sub-systems need to be configured to allow [authentication] and [authorization] for Linux and Unix Clients from LDAP: 
* [Pluggable Authentication Modules|Pluggable Authentication Modules] 
* [Name Service Switch|Name Service Switch] 
* [LDAP Client Configuration] 

! [LDAP Client Configuration] 
There is no &quot;standard&quot; [LDAP Client Configuration] for [*NIX] that we have found.

!! More Information 
There might be more information for this subject on one of the following: 
[{ReferringPagesPlugin before='*' after='\n' }]
</pre>