Ubuntu 12.04 Precise: LDAP with a server that supports OpenSSL, not GnuTLS?
If you need to use LDAP against a server that does not support GnuTLS and wants to use SSL (OpenSSL) instead, use the following PPA:
https://launchpad.net/~tmortensen/+archive/ppa
Full Install Instructions
Add the ppa and update apt
apt-get install python-software-properties
add-apt-repository ppa:tmortensen/ppa
apt-get update
Install libldap and nslcd
apt-get install ldap-utils nslcd
Set up your config files and you should be set:
/etc/nslcd.conf
/etc/ldap/ldap.conf
For nsswitch, change the passwd, group and shadow lines from compat to files ldap:
/etc/nsswitch.conf
passwd: files ldap
group: files ldap
shadow: files ldap
By default, when a user without a home directory logs in, you will get an error. To have PAM auto-create home directories on first login, edit these two files and add the following line to each:
/etc/pam.d/common-session
/etc/pam.d/common-session-noninteractive
session required pam_mkhomedir.so skel=/etc/skel umask=0022
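You can restrict SSH access by group. Once AllowGroups is set, only members of the listed groups can log in over SSH, so list a group for any local accounts that still need access.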
/etc/ssh/sshd_config
AllowGroups LDAPGroupName localaccount
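To confirm the edits above are actually in place, the following is an added example (not part of the original post) that audits the three settings this guide changes. The function name check_ldap_client and its ROOT argument are assumptions made for the example; ROOT lets it run against a copy of /etc.

```shell
#!/bin/sh
# Added example: audit the files edited in this guide.
# check_ldap_client ROOT
#   ROOT is a hypothetical prefix ("" for the live system, or a directory
#   holding a copy of /etc). Prints one line per finding and returns the
#   number of failed checks (0 = all good).
check_ldap_client() {
    root="${1:-}"
    fails=0

    # nsswitch: passwd, group and shadow must read "files ldap", not "compat"
    for db in passwd group shadow; do
        if ! grep -Eq "^${db}:[[:space:]]*files[[:space:]]+ldap([[:space:]]|\$)" \
                "$root/etc/nsswitch.conf" 2>/dev/null; then
            echo "FAIL nsswitch.conf: ${db} is not 'files ldap'"
            fails=$((fails + 1))
        fi
    done

    # PAM: pam_mkhomedir must be in both session stacks. A misnamed or
    # missing file counts as a failure, because PAM would never read it.
    for f in common-session common-session-noninteractive; do
        if ! grep -Eq '^[[:space:]]*session[[:space:]]+required[[:space:]]+pam_mkhomedir\.so' \
                "$root/etc/pam.d/$f" 2>/dev/null; then
            echo "FAIL pam.d/$f: pam_mkhomedir.so line missing"
            fails=$((fails + 1))
        fi
    done

    # sshd: an active (uncommented) AllowGroups line must name a group.
    # sshd_config keywords are case-insensitive, hence -i.
    if ! grep -Eiq '^[[:space:]]*AllowGroups[[:space:]]+[^[:space:]]' \
            "$root/etc/ssh/sshd_config" 2>/dev/null; then
        echo "FAIL sshd_config: no active AllowGroups line"
        fails=$((fails + 1))
    fi

    if [ "$fails" -eq 0 ]; then
        echo "OK: nsswitch, pam_mkhomedir and AllowGroups are configured"
    fi
    return "$fails"
}
```

Source the file and run check_ldap_client "" as root on the client to check the live configuration.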