To enable LDAP authentication, we need to install the nslcd package. When configured properly, this will allow us to add users and have them authenticate via LDAP. Local users will still be able to log in using a local password; think of it as a fall-through mechanism.
apt-get install nslcd
The installer will ask you some questions.
LDAP URL: usually something like ldap://mycompany.com
LDAP root to search in: usually something like DC=mycompany,DC=com, but you could put a specific container/group if you want to.
Choose simple authentication.
In this mode we need to specify a username and password that is allowed to search LDAP.
If the installer asks for a location, choose passwd and shadow.
To review these settings
Some of the settings added by the installer:
tls_reqcert never
referrals off
filter passwd (objectClass=user)
filter shadow (objectClass=user)
map passwd uid sAMAccountName
map shadow uid sAMAccountName
binddn XXXXX
bindpw XXXX
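A check for the installer settings listed above, as an added example that is not part of the original page: `tls_reqcert never` turns off verification of the LDAP server certificate, and a simple bind over `ldap://` without `ssl start_tls` sends `bindpw` unencrypted. The function names are hypothetical; `uri`, `ssl`, `tls_reqcert` and `bindpw` are standard nslcd.conf options.

```shell
#!/bin/sh
# Added example: audit an nslcd.conf for settings that expose the bind
# password. nslcd_opt and audit_nslcd_conf are hypothetical helper names.
# Usage: audit_nslcd_conf /etc/nslcd.conf

# Print the value of the last occurrence of option $2 in file $1.
nslcd_opt() {
    awk -v k="$2" 'tolower($1) == k { v = $2 } END { print v }' "$1"
}

# Print one finding per line. Returns 0 if clean, 1 on findings, 2 on error.
audit_nslcd_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }
    rc=0

    # tls_reqcert never/allow: an invalid server certificate is accepted.
    case "$(nslcd_opt "$conf" tls_reqcert)" in
        never|allow)
            echo "WEAK tls_reqcert: server certificate is not enforced"
            rc=1 ;;
    esac

    # ldap:// without "ssl start_tls": the simple bind is not encrypted.
    if awk 'tolower($1) == "uri" && $0 ~ /ldap:\/\// { found = 1 }
            END { exit !found }' "$conf" &&
       [ "$(nslcd_opt "$conf" ssl)" != "start_tls" ]; then
        echo "WEAK uri: ldap:// without ssl start_tls"
        rc=1
    fi

    # bindpw kept in a file that every local user can read.
    if [ -n "$(nslcd_opt "$conf" bindpw)" ] &&
       [ -n "$(find "$conf" -prune -perm -004)" ]; then
        echo "WEAK bindpw: $conf is world-readable"
        rc=1
    fi
    return "$rc"
}
```

A clean result needs `ssl start_tls` (or an `ldaps://` URI), `tls_reqcert demand` with a CA file the server certificate chains to, and a configuration file that is not world-readable.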
Restart the service after making changes
Don’t forget to add a local account with the same samID.
useradd -m -s /bin/bash usernameeee