====== How to configure pam_ldap ? ======

The Goal is simple: use a unique and centralized users database for servers authentication.

PAM is a module dedicated to authentication process on Linux machines. ''pam_ldap'' is a module that make it possible to use a LDAP database to store users. With this module installed and configured on your servers, you will be able to connect to your servers with a unique login and a unique password stored in a unique place (your LDAP database).

First step is to install it :
<code>sudo apt-get install libpam-ldap</code>

FIXME : détailler les réponses aux questions

Naively, ''pam_ldap'' is not designed to handle Linux users and groups informations (uid, gid...) whereas these data are stored in the LDAP database. The ''libnss-ldap'' program is needed to achieve this task. It will start the ''nscd'' daemon that will himself handle these extra information queries. 

<code>sudo apt-get install libnss-ldap</code>

FIXME : détailler les réponses aux questions

__Notice__: most of ''libnss-ldap'' parameters are the same as the ''pam_ldap'' ones.


{{tag>computing encoding php iconv utf8}}
~~DISCUSSION~~