21 Apr

Ubuntu 12.04 Precise: LDAP with a server that supports OpenSSL, not GnuTLS?

If you need to use LDAP but your server does not support GnuTLS and wants SSL via OpenSSL instead, use the following PPA.


Full Install Instructions

Add the PPA and update apt

apt-get install python-software-properties
add-apt-repository ppa:tmortensen/ppa
apt-get update

Install libldap and nslcd

apt-get install ldap-utils nslcd

Set up your config files and you should be set.



In /etc/nsswitch.conf, change the passwd, group and shadow lines from compat to:

passwd:         files ldap
group:          files ldap
shadow:         files ldap

By default, when a user logs in without a home directory you will get an error. To have PAM automatically create home directories on first login, edit these two files and add the following line to each:

session required pam_mkhomedir.so skel=/etc/skel umask=0022


You can restrict SSH access by group with the AllowGroups directive in /etc/ssh/sshd_config:

AllowGroups LDAPGroupName localaccount
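
To confirm the nsswitch, PAM and AllowGroups changes above are actually in place, here is an added check script (not part of the original post). The function names and the sample files are constructed for illustration; on a live host, pass /etc/nsswitch.conf, the PAM file you edited, and /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example: audit the three settings from this post against config files.
# Paths are arguments, so it can be run on copies before touching a live host.

# nss_has_ldap FILE DB: succeeds if DB's line in nsswitch.conf lists "ldap".
nss_has_ldap() {
    awk -v db="$2" '
        { sub(/#.*/, "") }                      # ignore comments
        $1 == (db ":") { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit !found }' "$1"
}

# pam_has_mkhomedir FILE: succeeds if an uncommented session line loads the module.
pam_has_mkhomedir() {
    grep -Eq '^[[:space:]]*session[[:space:]]+[^#]*pam_mkhomedir\.so' "$1"
}

# sshd_allowed_groups FILE: prints AllowGroups entries, one per line.
# Keywords in sshd_config are case-insensitive; Match blocks are not interpreted.
sshd_allowed_groups() {
    awk 'tolower($1) == "allowgroups" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# audit NSSWITCH PAMFILE SSHD_CONFIG GROUP: prints findings, returns their count.
audit() {
    fails=0
    for db in passwd group shadow; do
        nss_has_ldap "$1" "$db" || { echo "nsswitch: $db has no ldap source"; fails=$((fails + 1)); }
    done
    pam_has_mkhomedir "$2" || { echo "pam: pam_mkhomedir.so not enabled"; fails=$((fails + 1)); }
    sshd_allowed_groups "$3" | grep -Fqx -- "$4" ||
        { echo "sshd: AllowGroups does not list $4"; fails=$((fails + 1)); }
    return "$fails"
}

# Constructed sample: shadow still on "compat", mkhomedir line commented out.
demo=$(mktemp -d)
printf 'passwd: files ldap\ngroup: files ldap\nshadow: compat\n' > "$demo/nsswitch.conf"
printf '#session required pam_mkhomedir.so skel=/etc/skel umask=0022\n' > "$demo/pam"
printf 'AllowGroups LDAPGroupName localaccount\n' > "$demo/sshd_config"
audit "$demo/nsswitch.conf" "$demo/pam" "$demo/sshd_config" LDAPGroupName || echo "findings: $?"
```

Keep a root session open while testing AllowGroups, since a group name that does not match locks out new SSH logins.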