Step1:配置时钟同步
[root@openldap ~]# yum install -y ntpdate
[root@openldap ~]# systemctl enable ntpdate
[root@openldap ~]# systemctl start ntpdate
[root@openldap ~]# timedatectl set-local-rtc 1
[root@openldap ~]# timedatectl set-timezone Asia/Shanghai
[root@openldap ~]# ntpdate -u pool.ntp.org
[root@openldap ~]# echo "*/20 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1" >>/var/spool/cron/root
[root@openldap ~]# systemctl reload crond
Step2:安装客户端必要软件
[root@CentOS7 ~]# yum -y install vim bash-completion openldap-servers openldap-clients nss-pam-ldapd sssd
Step3:配置openldap登录
[root@CentOS7 ~]# authconfig-tui
指定ldap服务器信息
[root@CentOS7 ~]# getent passwd //获取ldap账号
[root@CentOS7 ~]# systemctl enable nslcd
[root@CentOS7 ~]# systemctl start nslcd
[root@CentOS7 ~]# cp /etc/nsswitch.conf /etc/nsswitch.conf.old
[root@CentOS7 ~]# sed -i '/^passwd:.*$/s//& ldap/g' /etc/nsswitch.conf
[root@CentOS7 ~]# sed -i '/^shadow:.*$/s//& ldap/g' /etc/nsswitch.conf
[root@CentOS7 ~]# sed -i '/^group:.*$/s//& ldap/g' /etc/nsswitch.conf
[root@CentOS7 ~]# vim /etc/openldap/ldap.conf
BASE dc=checkpoint,dc=com
ssl off
[root@CentOS7 ~]# nslcd -d
[root@CentOS7 ~]# yum install autofs -y
[root@CentOS7 ~]# vim /etc/auto.master
/net -hosts
/home/zhangsan /etc/auto.ldap //增加
[root@CentOS7 ~]# vim /etc/auto.ldap
zhangsan 10.133.1.200:/home/zhangsan
[root@CentOS7 ~]# systemctl enable autofs.service
[root@CentOS7 ~]# systemctl start autofs.service