This is a guide on how to configure an Ubuntu 18.04 & Ubuntu 16.04 LTS servers to authenticate against an LDAP directory server. LDAP is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services.

I expect you already have a running LDAP server, if not, use our guides below to set it up:

Install and Configure LDAP Client on Ubuntu 18.04 & Ubuntu 16.04 LTS

Add LDAP server address to /etc/hosts file if you don’t have an active DNS server in your network.

echo "192.168.18.50 ldap.example.com" | sudo tee -a /etc/hosts

Install LDAP client utilities on your Ubuntu system:

sudo apt -y install libnss-ldap libpam-ldap ldap-utils

Begin configuring the settings to look like below

1. Set LDAP URI- This can be IP address or hostname

2. Set a Distinguished name of the search base

3. Select LDAP version 3

4. Select Yes for Make local root Database admin

5. Answer No for Does the LDAP database require login?

6. Set LDAP account for root, something like cn=admin,cd=example,cn=com

7. Provide LDAP root account Password

After the installation, edit /etc/nsswitch.confand add ldap authentication to passwd and group lines.

passwd: compat systemd ldap
group: compat systemd ldap
shadow: compat

Modify the file /etc/pam.d/common-password. Remove use_authtok on line 26 to look like below.

password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass

Enable creation of home directory on first login by adding the following line to the end of file /etc/pam.d/common-session

session optional pam_mkhomedir.so skel=/etc/skel umask=077

Test by switching to a user account on LDAP

[email protected]:~# su - jmutai
Creating directory '/home/jmutai'.
[email protected]:~$ id
uid=10000(jmutai) gid=10000(sysadmins) groups=10000(sysadmins)

That’s all. If you need advanced centralized user management platform, see

How to Install and Configure FreeIPA Server on Ubuntu 18.04 / Ubuntu 16.04

How to Configure FreeIPA Client on Ubuntu 18.04 / Ubuntu 16.04 / CentOS 7

How to Configure FreeIPA replication on Ubuntu / CentOS