Difference between revisions of "CentOS"

From Univention Wiki

Jump to: navigation, search
Line 1: Line 1:
{{Version|UCS=3.0}}
+
{{Version|UCS=4.1}}
  
This guide describes how to include CentOS 6.2 in an UCS 3.0 domain. It only shows the diverging points from the standard CentOS installation.
+
This article moved to the official documentation: [http://docs.software-univention.de/domain-4.1.html#ext-dom-unix Integration of Linux/Unix systems into a UCS domain]
 
 
== Inclusion in the Management System ==
 
 
 
To include the CentOS system into the UCS management system,  add it as a member server. This ensures that the proper accounts will be added for the client. The following commands create a memberserver from the command-line with a known password:
 
<source lang=bash>
 
password="$(< /dev/urandom tr -dc A-Za-z0-9_ | head -c8)"
 
eval $(ucr shell)
 
udm computers/memberserver create --position cn=computers,${ldap_base} \
 
--set name=<hostname> --set password="${password}"
 
</source>
 
 
 
== CentOS Installation ==
 
 
 
During the installation one of UCS domain controllers should be chosen as the ntp time server. Additionally, the hostname for the system should be configured manually and not be relied on the DHCP offered one.
 
 
 
== Authentication Configuration ==
 
 
 
First the needed PAM modules need to be installed:
 
<source lang=bash>
 
yum install openldap openldap-clients nss_ldap krb5-libs krb5-workstation
 
</source>
 
 
 
Afterwards LDAP and Kerberos need to be enabled:
 
<source lang=bash>
 
authconfig --enablekrb5 --krb5kdc=<DC> --krb5realm=<REALM> --krb5adminserver=<DC> --enablecache --update''
 
authconfig --enableldapauth --ldapserver=<DC>:7389 --ldapbasedn=<base DN> --disableldaptls \
 
--ldaploadcacert=https://<DC Master>/ucs-root-ca.crt --update''
 
</source>
 
 
 
thereby you can use any UCS domain controller for the domain controller. The base DN can be found on a UCS domain controller using the command
 
<source lang=bash>
 
ucr get ldap/base
 
</source>
 
 
 
Now you need to set the binddn and password to use the authenticated ldap
 
<source lang=bash>
 
cat << _EOF_ >>/etc/libuser.conf
 
binddn cn=<hostname>,cn=computers,<base DN>
 
bindpw <password>
 
_EOF_
 
cat << _EOF_ >>/etc/nslcd.conf
 
binddn cn=<hostname>,cn=computers,<base DN>
 
bindpw <password>
 
_EOF_
 
cat << _EOF_ >>/etc/pam_ldap.conf
 
binddn cn=<hostname>,cn=computers,<base DN>
 
bindpw <password>
 
_EOF_
 
</source>
 
 
 
Afterwards you should be able to log into your CentOS System.
 
  
 
[[Category:EN]]
 
[[Category:EN]]
 
[[Category:Other Operating Systems]]
 
[[Category:Other Operating Systems]]

Revision as of 09:02, 30 November 2015

Produktlogo UCS Version 4.1

This article moved to the official documentation: Integration of Linux/Unix systems into a UCS domain

Personal tools