LDAP: Configure a system to use an existing LDAP directory service for user and group information.

Share this link

LDAP Server configuration

In order to test a LDAP client configuration, you will need to configure a LDAP directory service.
The LDAP server is called instructor.example.com in this procedure.

LDAP Client configuration

Install the following packages:

# yum install -y openldap-clients nss-pam-ldapd

Run the authentication menu:

# authconfig-tui

Choose the following options:

- Cache Information
- Use LDAP
- Use MD5 Passwords
- Use Shadow Passwords
- Use LDAP Authentication
- Local authorization is sufficient

In the LDAP Settings, type:


Note: Don’t use TLS if you specify ldaps.
Put the LDAP server certificate into the /etc/openldap/cacerts directory when asked.

Test the connection to the LDAP server (the ldapuser02‘s line of the /etc/passwd file should be displayed):

# getent passwd ldapuser02

You can also use the authconfig command to configure the client side.

NFS server configuration

To get the home directory mounted, you need to configure a NFS server.
The NFS server is called instructor.example.com in the procedure.
Note: it’s not required to have the LDAP server and the NFS server on the same machine, it’s only easier.

Automounter Client configuration

Install the following packages:

# yum install -y autofs nfs-utils

Create a new indirect /etc/auto.guests map and type:

* -rw,nfs4 instructor.example.com:/home/guests/&

Add the following line at the beginning of the /etc/auto.master file:

/home/guests /etc/auto.guests

Start the Automounter daemon and enable it at boot:

# service autofs start && chkconfig autofs on

Test the configuration:

# su - ldapuser02
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 4.00 out of 5)

Leave a Reply

Please Login to comment
5 Comment threads
7 Thread replies
Most reacted comment
Hottest comment thread
7 Comment authors
lozingaloGjorgibos1234AbdelrahmanCertDepot Recent comment authors
newest oldest
Notify of

First let me congrat and thank you for this amazing website, seriously there is nothing like this all over the web, it’s straight and to the point! 🙂

Man I’ve been to RHCSA 7 Exam and I did pass BUT I had a little problem, I did not succeed in getting the ldap client running.

I did add all the above configuration but it did not work, the openldap-client and the nss were already installed.

The only thing am thinking of now, can this be that I have to firewall-cmd and add the service or add-port on the client?


Good day,

Thank you for your effort.
I just have a question, What do you mean by this part “Note: Don’t use TLS if you specify ldaps”? Do you mean that I shouldn’t check the “[ ] Use TLS” if I specify the ldap server in the following field “ldap://instructor.example.com” ?


On this line: * -rw,nfs4 instructor.example.com:/home/guests/&

what does the ampersand signify?


Ampersand means “mount point will bear the same name as the remote mount.” The asterisk will be named after whatever the ampersand is named.
If shared resource /resource is mounted on a subdirectory of /mnt of the local host, that subdirectory will be named “resource”.


Hi all, I’m preparing RHCSA exam for next week.
Could you explain me please what is the advantage to use autofs for ldap users although the –enablemkhomedir of authconfig tool allow the creation of the home dir? Thank you

Upcoming Events (Local Time)

There are no events.

RHCSA7: Task of the day

Allowed time: 15 minutes.
Get an iso image of CentOS 7 (or a DVD) and set up a local repository.

RHCE7: Task of the day

Allowed time: 10 minutes.
Set up a default secure MariaDB database called maria with a user named muser with all privileges.

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...