Configure LDAP Client on Ubuntu 22.04|20.04|18.04|16.04


This is a guide on how to configure an Ubuntu 22.04|20.04|18.04|16.04 LTS server to authenticate against an LDAP directory server. LDAP is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services.

I expect you already have a running LDAP server; if not, use our guides below to set it up:

Once you have the LDAP server configured and user accounts added, you can proceed to install and configure the LDAP client.

Install and Configure LDAP Client on Ubuntu 22.04|20.04|18.04|16.04 LTS

Add LDAP server address to /etc/hosts file if you don’t have an active DNS server in your network.

$ sudo vim /etc/hosts

Install LDAP client utilities on your Ubuntu system:

sudo apt -y install libnss-ldap libpam-ldap ldap-utils

During installation you are prompted for the following settings. Answer them as below:

1. Set LDAP URI. This can be an IP address or hostname


2. Set a Distinguished name of the search base


3. Select LDAP version 3


4. Select Yes for Make local root Database admin


5. Answer No for Does the LDAP database require login?


6. Set LDAP account for root, something like cn=admin,dc=example,dc=com


7. Provide LDAP root account Password


After the installation, edit /etc/nsswitch.conf and add ldap to the passwd and group lines.

passwd: compat systemd ldap
group: compat systemd ldap
shadow: compat

Modify the file /etc/pam.d/common-password. Remove use_authtok on line 26 so that it looks like below.

password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass

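Enable creation of the home directory on first login by adding the following line to the end of the file /etc/pam.d/common-session. The umask=077 option makes each new home directory accessible only to its owner.

session optional pam_mkhomedir.so skel=/etc/skel umask=077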



Test by switching to a user account on LDAP

# sudo su - jmutai
Creating directory '/home/jmutai'.
$ id
uid=10000(jmutai) gid=10000(sysadmins) groups=10000(sysadmins)
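
The edits to /etc/nsswitch.conf, /etc/pam.d/common-password and /etc/pam.d/common-session can also be verified with a small script. This is an added example, not part of the original guide; the function names check_ldap_client and make_sample are hypothetical, and the sample files are constructed in a temporary directory so the script runs without touching the live system.

```shell
#!/bin/sh
# Added example (not from the guide): audit the three files the guide edits.
# check_ldap_client ROOT prints one line per check and returns the number of
# failed checks. ROOT is "" for the live system or a directory holding a copy.
check_ldap_client() {
    root=$1
    fails=0
    # 1. passwd and group must list ldap as a lookup source.
    for db in passwd group; do
        if grep -Eq "^${db}:.*[[:space:]]ldap([[:space:]]|\$)" "$root/etc/nsswitch.conf"; then
            echo "ok   nsswitch.conf: $db uses ldap"
        else
            echo "FAIL nsswitch.conf: $db does not list ldap"; fails=$((fails + 1))
        fi
    done
    # 2. The pam_ldap.so password line must exist without use_authtok.
    line=$(grep -E '^password.*pam_ldap\.so' "$root/etc/pam.d/common-password" 2>/dev/null || true)
    case $line in
        "")            echo "FAIL common-password: no pam_ldap.so line"; fails=$((fails + 1)) ;;
        *use_authtok*) echo "FAIL common-password: use_authtok still present"; fails=$((fails + 1)) ;;
        *)             echo "ok   common-password: pam_ldap.so without use_authtok" ;;
    esac
    # 3. pam_mkhomedir.so must create home directories with umask=077.
    if grep -Eq '^session.*pam_mkhomedir\.so.*umask=077' "$root/etc/pam.d/common-session"; then
        echo "ok   common-session: pam_mkhomedir.so with umask=077"
    else
        echo "FAIL common-session: pam_mkhomedir.so umask=077 line missing"; fails=$((fails + 1))
    fi
    return "$fails"
}

# Constructed sample: the three files as they look after following the guide.
make_sample() {
    mkdir -p "$1/etc/pam.d"
    printf '%s\n' 'passwd: compat systemd ldap' 'group: compat systemd ldap' \
        'shadow: compat' > "$1/etc/nsswitch.conf"
    printf '%s\n' 'password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass' \
        > "$1/etc/pam.d/common-password"
    printf '%s\n' 'session optional pam_mkhomedir.so skel=/etc/skel umask=077' \
        > "$1/etc/pam.d/common-session"
}

demo=$(mktemp -d)
make_sample "$demo"
check_ldap_client "$demo"
rm -rf "$demo"
```

On a client, calling check_ldap_client "" reads the files under /etc directly.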

That’s all.

